• [SECURITY] [DSA 5298-1] cacti security update

    From Moritz Muehlenhoff@21:1/5 to All on Fri Dec 9 20:30:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5298-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 09, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : cacti
    CVE ID : CVE-2022-0730 CVE-2022-46169
    Debian Bug : 1008693 1025648

    Two security vulnerabilities have been discovered in Cacti, a web
    interface for graphing of monitoring systems, which could result in unauthenticated command injection or LDAP authentication bypass.

    For the stable distribution (bullseye), these problems have been fixed in version 1.2.16+ds1-2+deb11u1.

    We recommend that you upgrade your cacti packages.

    For the detailed security status of cacti please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/cacti

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmOTiuUACgkQEMKTtsN8 TjZelw/+IK8TVgkeBtodhDZpUpUlrBmGTZy/GQAGhCL7l5tVyDyrUySYlZWQg8db KHJHTGBIxSmsqkK923y/ddZApQreteoAIPyY5VVZ8EmSa7k+tzIvEUkJKlqDEnBl avQth37WaDsB4OYRW+bWMnCrvMhBzMIuuJOIdPAA5nNyhSgGiwxjbrMtInXFavd9 k+WO3FMoxD5Jdzc3BvFLH+NJJl4KP/E96WaHenOYonTkpu1ATEo2uqCA0jdWC1dW PtieLAvZvOKR9a8eieWLoKHn5GK9tsYN1VEqwPGdqLHe6vOmreUEqtnq86uNZ1Rh Ytv2uGWdRVs6jCUKUM8yM5qTBXHLqpaDVoOfHfRhQEI2anZlcFNuXXv3yEHOpWza nTlC7ncAbCF8kC0gzQ0nhb0AWehIwNsslxre8++FVjLlPHoppaaUlgwt3NFkq9IT s9MVohvp1RunSUig9/8Z9Im6U1o51rbbSWSjOGyFSNjljcoHJ1WOoVit/PIAyhIh U1gaUV2hqIc+owaWo+LV/zSC9Myv3IxhUGoryuozM+z2krXk+ywzMcVR3kWXyY2q qMmHRkljnYknchoSDJd0bthwQ5t0daGnzLoqeql8hwOveN7hVIDg5SCOnybgesjV QN9x8leb9OifmVOA7Gj3sYP9Czmh1kWqvNwM2KROo8tyDszsl78=
    =mHv/
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)