Summary: | <net-analyzer/cacti-0.8.8h: SQL injection vulnerability in graph_view.php (CVE-2016-3659) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3659 | ||
Whiteboard: | C2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Jeroen Roovers (RETIRED)
2016-05-14 09:46:55 UTC
Arch teams, please test and mark stable: =net-analyzer/cacti-0.8.8h Targeted stable KEYWORDS : alpha amd64 hppa sparc x86 =net-analyzer/cacti-spine-0.8.8h Targeted stable KEYWORDS : amd64 hppa sparc x86 amd64 stable x86 stable Stable for HPPA. Stable on alpha. Added to existing GLSA. sparc stable. Maintainer(s), please cleanup. This issue was resolved and addressed in GLSA 201607-05 at https://security.gentoo.org/glsa/201607-05 by GLSA coordinator Aaron Bauman (b-man). @maintainer(s), reopening for cleanup. Please clean the vulnerable versions. Readding SPARC for =net-analyzer/cacti-spine-0.8.8h (In reply to Jeroen Roovers from comment #10) > Readding SPARC for > > =net-analyzer/cacti-spine-0.8.8h net-analyzer/cacti: sparc stable wrt bug #582996 Agostino Sarubbo, Fri, 8 Jul 2016 06:00, commit d09843a7 Arches and Maintainer(s), Thank you for your work. Keywords for net-analyzer/cacti-spine: | a a a h i p p s x m a m n r s s | e u s | r | l m r p a p p p 8 i r 6 i i 3 h | a n l | e | p d m p 6 c c a 6 p m 8 o s 9 | p u o | p | h 6 a 4 6 r s 6 k s c 0 | i s t | o | a 4 4 c 4 2 v | e | | | d | -------+---------------------------------+-------+------- 0.8.8e | o + o + o ~ ~ + + o o o o o o o | 5 o 0 | gentoo 0.8.8h | o + o + o ~ ~ ~ + o o o o o o o | 5 o | gentoo I missed cacti-spine, sorry, I will do it now. sparc stable. Maintainer(s), please cleanup. @maintainer(s), while it is not vulnerable it should still be cleaned for consistency and I assume it is obsolete concerning version mismatches: =net-analyzer/cacti-spine-0.8.8e (In reply to Aaron Bauman from comment #15) > @maintainer(s), while it is not vulnerable it should still be cleaned for > consistency and I assume it is obsolete concerning version mismatches: what? Tree is clean. |