On Thu, Dec 24, 2015 at 06:31:02AM +0100, Paul Gevers (Mobiel) wrote: > > This is the patch I applied in Debian. > > Paul > > http://anonscm.debian.org/cgit/pkg-cacti/cacti.git/tree/debian/patches/CVE-2015-8369_sql_injection_in_graph.php.patch >
Hello Paul, I am not sure but I think Debian is using 0.8.8g or? Archlinux is still waiting for the official 0.8.8f release.. your patch is not working with 0.8.8f best regards -------------------------------------------------------------- Christian Rebischke Arch Linux Security Team Website : www.nullday.de Twitter : @sh1bumi Jabber : [email protected] PGP : 0xDFE2060D Fingerprint: 6DAF 7B80 8F9D F251 3962 0000 D214 61E3 DFE2 060D --------------------------------------------------------------
signature.asc
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ cacti-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cacti-user
