Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 765022 - <net-analyzer/cacti-1.2.17: XSS vulnerability
Summary: <net-analyzer/cacti-1.2.17: XSS vulnerability
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/Cacti/cacti/issues...
Whiteboard: B4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-01-11 22:14 UTC by Sam James
Modified: 2021-10-17 20:40 UTC (History)
1 user (show)

See Also:
Package list:
net-analyzer/cacti-1.2.17 net-analyzer/cacti-spine-1.2.17
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2021-01-11 22:14:39 UTC
An XSS issue to be fixed in .17, not yet patched.
Comment 1 NATTkA bot gentoo-dev 2021-07-29 17:24:40 UTC Comment hidden (obsolete)
Comment 2 NATTkA bot gentoo-dev 2021-07-29 17:33:11 UTC Comment hidden (obsolete)
Comment 3 NATTkA bot gentoo-dev 2021-07-29 17:41:01 UTC Comment hidden (obsolete)
Comment 4 NATTkA bot gentoo-dev 2021-07-29 17:49:12 UTC Comment hidden (obsolete)
Comment 5 NATTkA bot gentoo-dev 2021-07-29 18:05:07 UTC Comment hidden (obsolete)
Comment 6 NATTkA bot gentoo-dev 2021-07-29 18:13:25 UTC Comment hidden (obsolete)
Comment 7 Agostino Sarubbo gentoo-dev 2021-08-11 06:39:34 UTC
amd64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2021-08-11 06:42:00 UTC
sparc stable
Comment 9 Agostino Sarubbo gentoo-dev 2021-08-25 04:23:26 UTC
x86 stable.

Maintainer(s), please cleanup.
Comment 10 Larry the Git Cow gentoo-dev 2021-10-17 20:39:13 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d752c75f06d85b2eeceb3770f27484ca7bd2df1

commit 8d752c75f06d85b2eeceb3770f27484ca7bd2df1
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2021-10-17 20:07:19 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2021-10-17 20:36:42 +0000

    net-analyzer/cacti: drop 1.2.16-r1
    
    Bug: https://bugs.gentoo.org/765022
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 net-analyzer/cacti/Manifest                        |   1 -
 net-analyzer/cacti/cacti-1.2.16-r1.ebuild          |  54 ----
 .../cacti/files/cacti-1.2.16-CVE-2020-35701.patch  |  29 --
 .../cacti/files/cacti-1.2.16-XSS-issue-4019.patch  | 360 ---------------------
 4 files changed, 444 deletions(-)
Comment 11 John Helmert III gentoo-dev Security 2021-10-17 20:40:01 UTC
Cleaned up, all done!