[SECURITY] Fedora 7 Update: cacti-0.8.6j-8.fc7
updates at fedoraproject.org
updates at fedoraproject.org
Tue Sep 18 19:21:54 UTC 2007
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2199
2007-09-18 03:24:39
--------------------------------------------------------------------------------
Name : cacti
Product : Fedora 7
Version : 0.8.6j
Release : 8.fc7
URL : http://www.cacti.net/
Summary : An rrd based graphing tool
Description :
Cacti is a complete frontend to RRDTool. It stores all of the
necessary information to create graphs and populate them with
data in a MySQL database. The frontend is completely PHP
driven. Along with being able to maintain graphs, data
sources, and round robin archives in a database, Cacti also
handles the data gathering. There is SNMP support for those
used to creating traffic graphs with MRTG.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 14 2007 Mike McGrath <mmcgrath at redhat.com> - 0.8.6j-8
- Fix for CVE-2007-3112 bz#243592
* Sat Sep 8 2007 Mike McGrath <mmcgrath at redhat.com> - 0.8.6j-6
- rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #243592 - CVE-2007-3112, CVE-2007-3113: cacti DoS vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=243592
[ 2 ] CVE-2007-3112
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3112
[ 3 ] CVE-2007-3113
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3113
--------------------------------------------------------------------------------
Updated packages:
657a629ec4fc4fbfdb01ae7cd7394e0896cff155 cacti-0.8.6j-8.fc7.noarch.rpm
6a512f473b6c726bbb67bb85985f4d09c66f0740 cacti-0.8.6j-8.fc7.src.rpm
This update can be installed with the "yum" update program. Use
su -c 'yum update cacti'
at the command line. For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------
More information about the package-announce
mailing list