Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 38: 2023-6335ea9c0c Critical Fixes For Cacti-Spine

fedora
Calendar Grey October 13, 2023
Dist Fedora Esm H88
Upgrading zinnia and zinnia-spine on Ubuntu 22.04 resolves significant security flaws. Act promptly to secure your environment.
Update cacti and cacti-spine to version 1.2.25

Summary

Spine is a supplemental poller for Cacti that makes use of pthreads to achieve

excellent performance.

Update Information:

Update cacti and cacti-spine to version 1.2.25. This includes the upstream fixes for many CVEs. https://github.com/Cacti/cacti/releases/tag/release%2F1.2.25

Topics%20covered

Topics Covered

security advisory Fedora cross-site scripting update information critical fix SQL injection Cacti

Change Log

* Wed Oct 4 2023 Carl George - 1.2.25-1 - Update to version 1.2.25 * Wed Jul 19 2023 Fedora Release Engineering - 1.2.23-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

References


[ 1 ] Bug #2237577 - CVE-2023-39512 cacti: Cross-Site Scripting vulnerability with Device Name when managing Data Sources [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237577 [ 2 ] Bug #2237582 - CVE-2023-39514 cacti: Cross-Site Scripting vulnerability with Data Source Name when managing Graphs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237582 [ 3 ] Bug #2237583 - CVE-2023-39513 cacti: Cross-Site Scripting vulnerability with Device Name when debugging data queries [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237583 [ 4 ] Bug #2237585 - CVE-2023-39515 cacti: Cross-Site Scripting vulnerability with Data Source Name when debugging Data Queries [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237585 [ 5 ] Bug #2237588 - CVE-2023-39359 cacti: Authenticated SQL injection vulnerability when managing graphs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2237588 [ 6 ] Bug ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-6335ea9c0c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: cacti-spine
Product: Fedora 38
Version: 1.2.25
Release: 1.fc38
URL:
Summary: Threaded poller for Cacti written in C

Topics%20covered

Topics Covered

security advisory Fedora cross-site scripting update information critical fix SQL injection Cacti

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here