Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

openSUSE 2022:0145-1 Moderate: Authentication Bypass Fix in Cacti

opensuse
Calendar Grey May 24, 2022
Dist Opensuse Esm H88
Discover the recent openSUSE update that resolves critical security flaws in cacti and its spine service for better security.
An update that solves one vulnerability and has one errata is now available

Description

This update for cacti, cacti-spine fixes the following issues:

cacti-spine was updated to 1.2.20:

* Add support for newer versions of MySQL/MariaDB

* When checking for uptime of device, don't assume a non-response is

always fatal

* Fix description and command trunctation issues

* Improve spine performance when only one snmp agent port is in use

cacti-spine 1.2.19:

* Fix 1ssues with polling loop may skip some datasources

* Fix ping no longer works due to hostname changes

* Fix RRD steps are not always calculated correctly

* Fix unable to build when DES no longer supported

* Fix IPv6 devices are not properly parsed

* Reduce a number of compiler warnings

* Fix compiler warnings due to lack of return in thread_mutex_trylock

* Fix Spine will not look at non-timetics uptime when sysUpTimeInstance

overflows

* Improve performance of Cacti poller on heavily loaded systems

cacti-spine 1.2.20:

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate security fix authentication bypass cacti openSUSE cacti-spine

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:

zypper in -t patch openSUSE-2022-145=1

Package List

- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):

cacti-spine-1.2.20-bp153.2.9.1

- openSUSE Backports SLE-15-SP3 (noarch):

cacti-1.2.20-bp153.2.9.1

References

https://www.suse.com/security/cve/CVE-2022-0730.html

https://bugzilla.suse.com/1192408

https://bugzilla.suse.com/1196692

Announcement ID: openSUSE-SU-2022:0145-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP3 ble.

Topics%20covered

Topics Covered

security advisory moderate security fix authentication bypass cacti openSUSE cacti-spine

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here