This bug was fixed in the package cacti - 0.8.7e-2ubuntu0.1 --------------- cacti (0.8.7e-2ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: Fix SQL injection vulnerability in templates_export.php (LP: #599892) - debian/patches/CVE-2010-1431.patch: patch derived from upstream patch - CVE-2010-1431 * SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities - debian/patches/CVE-2010-1644.patch: patch derived from upstream patch - CVE-2010-1644 * SECURITY UPDATE: Fix arbitrary command execution vuln - debian/patches/CVE-2010-1645.patch: patch derived from upstream patches - CVE-2010-1645 * SECURITY UPDATE: Fix a SQL injection vulnerability in graph.php - debian/patches/CVE-2010-2092.patch: patch derived from Debian patch - CVE-2010-2092 - DSA-2060 * SECURITY UPDATE: Fix cross-site scripting (XSS) vulnerabilities - debian/patches/CVE-2010-2543.patch: patch derived from upstream patches - CVE-2010-2543 - CVE-2010-2544 - CVE-2010-2545 -- Brian Thomason <brian.thoma...@canonical.com> Mon, 24 Jan 2011 11:20:13 -0500 ** Changed in: cacti (Ubuntu Lucid) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. https://bugs.launchpad.net/bugs/599892 Title: [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs