Hello community, here is the log from the commit of package patchinfo.3596 for openSUSE:13.2:Update checked in at 2015-03-11 16:15:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/patchinfo.3596 (Old) and /work/SRC/openSUSE:13.2:Update/.patchinfo.3596.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.3596" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="3596"> <issue id="920399" tracker="bnc">VUL-0: CVE-2014-2327, CVE-2014-4002, CVE-2014-5025, CVE-2014-5026: cacti: fixes multiple vulnerabilities</issue> <issue id="CVE-2014-2327" tracker="cve" /> <issue id="CVE-2014-4002" tracker="cve" /> <issue id="CVE-2014-5025" tracker="cve" /> <issue id="CVE-2014-5026" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>AndreasStieger</packager> <description> cacti was updated to version 0.8.8c [boo#920399] This update fixes four vulnerabilities and adds some compatible features. - Security fixes not previously patched: - CVE-2014-2326 - XSS issue via CDEF editing - CVE-2014-2327 - Cross-site request forgery (CSRF) vulnerability - CVE-2014-2328 - Remote Command Execution Vulnerability in graph export - CVE-2014-4002 - XSS issues in multiple files - CVE-2014-5025 - XSS issue via data source editing - CVE-2014-5026 - XSS issues in multiple files - Security fixes now upstream: - CVE-2013-5588 - XSS issue via installer or device editing - CVE-2013-5589 - SQL injection vulnerability in device editing New features: - New graph tree view - Updated graph list and graph preview - Refactor graph tree view to remove GPL incompatible code - Updated command line database upgrade utility - Graph zooming now from everywhere </description> <summary>Security update for cacti</summary> </patchinfo> -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org