Your message dated Mon, 05 Sep 2016 22:19:55 +0000
with message-id <[email protected]>
and subject line Bug#833420: fixed in cacti 0.8.8h+ds1-5
has caused the Debian Bug report #833420,
regarding cacti: Incomplete fix for CVE-2016-2313
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
833420: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833420
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: cacti
Version: 0.8.8h+ds1-4
Severity: important
Tags: security upstream
Forwarded: http://bugs.cacti.net/view.php?id=2697
Hi Paul,
As originally reported to [0,1] the fix for CVE-2016-2313 seems
incomplete. This affects the unstable version and the version which is
waiting in jessie-proposed-updates.
Filling the bug to track the issue.
[0] https://lists.debian.org/debian-lts/2016/07/msg00164.html
[1] http://bugs.cacti.net/view.php?id=2697
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: cacti
Source-Version: 0.8.8h+ds1-5
We believe that the bug you reported is fixed in the latest version of
cacti, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Paul Gevers <[email protected]> (supplier of updated cacti package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 05 Sep 2016 21:10:12 +0200
Source: cacti
Binary: cacti
Architecture: source
Version: 0.8.8h+ds1-5
Distribution: unstable
Urgency: medium
Maintainer: Cacti Maintainer <[email protected]>
Changed-By: Paul Gevers <[email protected]>
Description:
cacti - web interface for graphing of monitoring systems
Closes: 833420
Changes:
cacti (0.8.8h+ds1-5) unstable; urgency=medium
.
[ Emilio Pozuelo Monfort ]
* CVE-2016-2313-guest-auth.patch:
+ Fix regression in the fix for CVE-2016-2313 that broke guest user
logins. Thanks to Matus Uhlar for the report. (Closes: #833420)
.
[ Paul Gevers ]
* Recommend default-mysql-server instead of MariaDB and MySQL
Checksums-Sha1:
e6cae9887f873abb0a390c49202a74dd9bc96395 1619 cacti_0.8.8h+ds1-5.dsc
3b54d32435f4d6a5f8140fe8e353a92e3b369963 48900 cacti_0.8.8h+ds1-5.debian.tar.xz
Checksums-Sha256:
f72f99f17441d4aaa1a267a1a8ddd4029de39b9d435abf683aa37692715f46f9 1619
cacti_0.8.8h+ds1-5.dsc
648747bc2c44c43694816a6167bc84c311c7ff0a740564827c32dc9c57d635fa 48900
cacti_0.8.8h+ds1-5.debian.tar.xz
Files:
ca129725fd31ef42725f298b59440d0e 1619 web extra cacti_0.8.8h+ds1-5.dsc
67d8f89eaf671c234da00fc014e1bb19 48900 web extra
cacti_0.8.8h+ds1-5.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJXzdFlAAoJEJxcmesFvXUKmAIH+wWkgXMsPl5TyaGAFzonhxBj
Slhz3wk3fWxEJ5XajgibCJ6L61VDpsXdssA+WJkAupni/m6IQMxYOv2ua0SWi+dm
WOCvLWvIw/2IZrZDULg30+U3LgBmB91CNFYZEK9cUrdf41oBhZaWGB+xRw3F6GfI
S1QbHQMzyJxD1k0mwERjn3N/pcnQCGzaA4MZ5uy02Pz//TimIOb9RZVCIznrO/9d
UB9hTIhYnR3TbJWfBq6dmmd1SelWZaSZFxGTGStrQAzDH4dHlfr0j53cXbpRQEEV
tp69QXobmkQBvdH1DcXhTfFo7DXKK2Wq8rGW1sC0DYD0qJkIcq7B8OwvADLijOU=
=yFXP
-----END PGP SIGNATURE-----
--- End Message ---
