Updated cacti package fixes security vulnerability: SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action (CVE-2016-3172). SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g and earlier allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter (CVE-2016-3659).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | cacti | <Â 0.8.8f-1.5 | cacti-0.8.8f-1.5.mga5 |