CVE-2007-6465 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6465): Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in Ganglia before 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) c and (2) h parameters to (a) web/host_gmetrics.php; the (3) G, (4) me, (5) x, (6) n, (7) v, (8) l, (9) vl, and (10) st parameters to (b) web/graph.php; and the (11) c, (12) G, (13) h, (14) r, (15) m, (16) s, (17) cr, (18) hc, (19) sh, (20) p, (21) t, (22) jr, (23) js, (24) gw, (25) z, and (26) gs parameters to (c) web/get_context.php. NOTE: some of these details are obtained from third party information.
HP-Cluster herd, please advise. Bug 172206 contains updated ebuilds.
ping.
ganglia-3.0.6 added to cvs.
Thanks a lot. Arches, please test and mark stable sys-cluster/ganglia-3.0.6. Target keywords : "x86"
x86 stable, last arch.
It's a vote. NO for me.
Voting NO and closing.