Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 580
Alerts This Week
Warning Icon 1 580

Fedora 27: 2017-19c9fc71f9 Critical XSS Threat in Cacti Update

fedora
Calendar Grey November 11, 2017
Dist Fedora Esm H88
Fedora 28 cacti patch resolves severe XSS vulnerability enhancing protection and usability for individuals. Discover additional details here.
- Update to 1.1.26 - CVE-2017-15194 Release notes:

Summary

Cacti is a complete frontend to RRDTool. It stores all of the

necessary information to create graphs and populate them with

data in a MySQL database. The frontend is completely PHP

driven.

- Update to 1.1.26 - CVE-2017-15194 Release notes:

[ 1 ] Bug #1500456 - CVE-2017-15194 cacti: XSS in the URI / refresh page in include/global_session.php

https://bugzilla.redhat.com/show_bug.cgi?id=1500456

su -c 'dnf upgrade cacti' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 27
Version: 1.1.26
Release: 1.fc27
URL:
Summary: An rrd based graphing tool

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.