Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 38: FEDORA-2023-6335ea9c0c Moderate: Cacti Security Updates

fedora
Calendar Grey October 13, 2023
Dist Fedora Esm H88
Upgrade cacti and cacti-spine to release 1.2.25, incorporating various upstream security patches in Fedora 38.
Update cacti and cacti-spine to version 1.2.25

Summary

Cacti is a complete frontend to RRDTool. It stores all of the

necessary information to create graphs and populate them with

data in a MySQL database. The frontend is completely PHP

driven.

Update Information:

Update cacti and cacti-spine to version 1.2.25. This includes the upstream fixes for many CVEs. https://github.com/Cacti/cacti/releases/tag/release%2F1.2.25

Topics%20covered

Topics Covered

security advisory security update Fedora cross-site scripting security fix SQL injection cacti

Change Log

* Wed Oct 4 2023 Carl George - 1.2.25-1 - Update to version 1.2.25

References


[ 1 ] Bug #2237577 - CVE-2023-39512 cacti: Cross-Site Scripting vulnerability with Device Name when managing Data Sources [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237577 [ 2 ] Bug #2237582 - CVE-2023-39514 cacti: Cross-Site Scripting vulnerability with Data Source Name when managing Graphs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237582 [ 3 ] Bug #2237583 - CVE-2023-39513 cacti: Cross-Site Scripting vulnerability with Device Name when debugging data queries [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237583 [ 4 ] Bug #2237585 - CVE-2023-39515 cacti: Cross-Site Scripting vulnerability with Data Source Name when debugging Data Queries [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237585 [ 5 ] Bug #2237588 - CVE-2023-39359 cacti: Authenticated SQL injection vulnerability when managing graphs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237588 [ 6 ] Bug ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-6335ea9c0c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: cacti
Product: Fedora 38
Version: 1.2.25
Release: 1.fc38
URL:
Summary: An rrd based graphing tool

Topics%20covered

Topics Covered

security advisory security update Fedora cross-site scripting security fix SQL injection cacti

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here