Cacti CHANGELOG 1.2.13 -security#3544: jQuery XSS vulnerabilities require vendor package update (CVE-2020-11022 / CVE-2020-11023) -security#3549: Lack of escaping on some pages can lead to XSS exposure -security#3582: Update PHPMailer to 6.1.6 (CVE-2020-13625) -security#3622: SQL Injection vulnerability due to input validation failure when editing colors (CVE-2020-14295) -security#3628: Lack of escaping on template import can lead to XSS exposure
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e86246a81503d92e3d8bb47d2719f3cdf0a33a35 commit e86246a81503d92e3d8bb47d2719f3cdf0a33a35 Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2020-07-14 06:10:21 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2020-07-14 06:12:18 +0000 net-analyzer/cacti-spine: Version 1.2.13 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Bug: https://bugs.gentoo.org/732522 Signed-off-by: Jeroen Roovers <jer@gentoo.org> net-analyzer/cacti-spine/Manifest | 1 + net-analyzer/cacti-spine/cacti-spine-1.2.13.ebuild | 51 ++++++++++++++++++++++ 2 files changed, 52 insertions(+)
Unable to check for sanity: > no match for package: =net-analyzer/cacti-1.2.13
All sanity-check issues have been resolved
sparc stable
x86 stable
amd64 stable. Please cleanup.
This issue was resolved and addressed in GLSA 202007-03 at https://security.gentoo.org/glsa/202007-03 by GLSA coordinator Sam James (sam_c).
Reopening for cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a682b03e136370d0b875eea46428f955976a9f3d commit a682b03e136370d0b875eea46428f955976a9f3d Author: Sam James <sam@gentoo.org> AuthorDate: 2020-07-29 00:19:26 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-07-29 00:19:39 +0000 net-analyzer/cacti: security cleanup Bug: https://bugs.gentoo.org/732522 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/cacti/Manifest | 1 - net-analyzer/cacti/cacti-1.2.12.ebuild | 48 ---------------------------------- 2 files changed, 49 deletions(-)