Bug 585207
Summary: | SQL Injection Vulnerability | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora EPEL | Reporter: | Matt Hyclak <hyclak> | ||||
Component: | cacti | Assignee: | Mike McGrath <mmcgrath> | ||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | low | ||||||
Version: | el5 | CC: | mmcgrath, vdanen | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | cacti-0.8.7e-4.fc13 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2010-05-18 21:59:14 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 585401 | ||||||
Attachments: |
|
Description
Matt Hyclak
2010-04-23 12:42:24 UTC
cacti-0.8.7e-4.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/cacti-0.8.7e-4.fc12 cacti-0.8.7e-4.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/cacti-0.8.7e-4.fc13 cacti-0.8.7e-4.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/cacti-0.8.7e-4.fc11 cacti-0.8.7e-4.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/cacti-0.8.7e-4.el4 cacti-0.8.7e-4.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update cacti'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/cacti-0.8.7e-4.fc13 *** Bug 585402 has been marked as a duplicate of this bug. *** cacti-0.8.7e-4.el4 has been pushed to the Fedora EPEL 4 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update cacti'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/cacti-0.8.7e-4.el4 cacti-0.8.7e-4.fc11 has been pushed to the Fedora 11 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update cacti'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/cacti-0.8.7e-4.fc11 cacti-0.8.7e-4.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update cacti'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/cacti-0.8.7e-4.fc12 This update didn't break anything on our test system. I can't seem to find a way to really test the vulnerability to make sure it's fixed or not. Thanks, Matt Yeah, I don't have a good testcase here either. The advisory report to full-disclosure had an example but I can't seem to make it do anything creative. I think we have to trust that upstream did the right thing here. Is this going to get pushed for EL5? I only see EL4 and FC11-13. cacti-0.8.7e-4.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. (In reply to comment #12) > Is this going to get pushed for EL5? I only see EL4 and FC11-13. This was addressed in https://admin.fedoraproject.org/updates/cacti-0.8.7f-1.el5 |