
openSUSE 2023:0275-1 Important: Cacti and Cacti-Spine Security Fixes

opensuse
September 26, 2023
Critical openSUSE patch addresses 17 vulnerabilities in cacti and cacti-spine. Ensure safety and update immediately!
An update that fixes 17 vulnerabilities is now available

Description

This update for cacti, cacti-spine fixes the following issues:

cacti-spine 1.2.25:

* Spine should see if script to be executed is executable

* Enhance number recognition

* When polling devices, sort by larger number of items first

* Log format may be corrupted when timeout occurs

* Compile warning appears due to GCC flag on RHEL7/RHEL8

* Downed device detection only checks one of the two uptime OIDs

* Compile error appears due to execinfo.h on FreeBSD

* Bootstrap shell script contains some PHP cruft

* Padding is not always removed from the start of non-numeric strings

* Improve SNMP result handling for non-numeric results

* Further improve SNMP result handling for non-numeric results

* Remove check for the max_oids column which has been present since Cacti v1.0

* Minimize Sorting when fetching poller records for maximum performance

* Spine should see if script to be executed is executable

cacti-spine 1.2.24:

* Fix...


Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2023-275=1

Package List

- SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64):

cacti-spine-1.2.25-29.1

- SUSE Package Hub for SUSE Linux Enterprise 12 (noarch):

cacti-1.2.25-35.1
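
To confirm the update landed, the installed version-release of each package can be compared against the fixed builds in the Package List above. The script below is an added example, not part of the SUSE advisory; its function names are made up here, and it assumes GNU `sort -V` orders these numeric version strings the same way rpm does.

```shell
#!/bin/sh
# Fixed builds copied from the advisory's Package List (VERSION-RELEASE).
FIXED_CACTI="1.2.25-35.1"
FIXED_SPINE="1.2.25-29.1"

# ver_ge A B: succeed when version-release A is >= B.
# Assumption: `sort -V` stands in for rpm's own comparison, which
# agrees for plain dotted-numeric strings like the ones used here.
ver_ge() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# classify NAME INSTALLED FIXED: print a status line; return 1 if outdated.
classify() {
    if [ -z "$2" ]; then
        echo "$1: not installed"
        return 0
    fi
    if ver_ge "$2" "$3"; then
        echo "$1: $2 is fixed (>= $3)"
        return 0
    fi
    echo "$1: $2 is OLDER than $3, apply openSUSE-2023-275"
    return 1
}

# installed_vr NAME: print VERSION-RELEASE of an installed package, or nothing.
installed_vr() {
    command -v rpm >/dev/null 2>&1 || return 0
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$1" 2>/dev/null |
        grep -v 'not installed' | head -n 1
}

# check_host: non-zero exit when either package is below its fixed build.
check_host() {
    rc=0
    classify cacti "$(installed_vr cacti)" "$FIXED_CACTI" || rc=1
    classify cacti-spine "$(installed_vr cacti-spine)" "$FIXED_SPINE" || rc=1
    return $rc
}

# Run the check only when asked, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then check_host; fi
```

Run it with `--check` on each affected host; a non-zero exit status means at least one package is still below the fixed build.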

References

https://www.suse.com/security/cve/CVE-2023-30534.html

https://www.suse.com/security/cve/CVE-2023-39357.html

https://www.suse.com/security/cve/CVE-2023-39358.html

https://www.suse.com/security/cve/CVE-2023-39359.html

https://www.suse.com/security/cve/CVE-2023-39360.html

https://www.suse.com/security/cve/CVE-2023-39361.html

https://www.suse.com/security/cve/CVE-2023-39362.html

https://www.suse.com/security/cve/CVE-2023-39364.html

https://www.suse.com/security/cve/CVE-2023-39365.html

https://www.suse.com/security/cve/CVE-2023-39366.html

https://www.suse.com/security/cve/CVE-2023-39510.html

https://www.suse.com/security/cve/CVE-2023-39511.html

https://www.suse.com/security/cve/CVE-2023-39512.html

https://www.suse.com/security/cve/CVE-2023-39513.html

https://www.suse.com/security/cve/CVE-2023-39514.html

https://www.suse.com/security/cve/CVE-2023-39515.html

https://www.suse.com/security/cve/CVE-2023-39516.html

https://bugzilla.suse.com/1215040

https://bugzilla.suse.com/1215042

https://bugzilla.suse.com/1215043...


Severity
important

Announcement ID: openSUSE-SU-2023:0275-1
Rating: important
Affected Products:

- SUSE Linux Enterprise High Performance Computing 12
- SUSE Linux Enterprise Server 12
- SUSE Linux Enterprise Server 12-SP3
- SUSE Linux Enterprise Server 12-SP4
- SUSE Linux Enterprise Server 12-SP5
- SUSE Linux Enterprise Server for SAP Applications 12
- SUSE Linux Enterprise Server for SAP Applications 12-SP3
- SUSE Linux Enterprise Server for SAP Applications 12-SP4
- SUSE Linux Enterprise Server for SAP Applications 12-SP5
- SUSE Package Hub for SUSE Linux Enterprise 12
