Package: cacti Version: 0.8.7-1 Severity: grave Tags: security Justification: user security hole
Quoting release notes (http://www.cacti.net/release_notes_0_8_7a.php): Release Notes - 0.8.7a Important Security Fixes * Possible SQL injection issue was resolved. Important Bug Fixes * Additional support for RRDTool graph minimum and maximum Y-axis * limits added for RRDTool 1.2.x. * Support for opacity and alpha added for RRDTool 1.2.x. * Support for si units with logarithmic scaling added for * RRDtool 1.2.x * Fixed issues with cron interval detection that was causing issues with polling intervals less than 5 minutes. * User manager now allows usernames with spaces and dashes. Upgrade Notes From the release of 0.8.7 and forward Cactid will now be known as Spine. If you are currently using Cactid, you will need to download and install Spine. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]