This update for cacti, cacti-spine to version 1.1.28 fixes the following
issues:
- CVE-2017-16641: Potential code execution vulnerability in RRDtool
functions (boo#1067166)
- CVE-2017-16660: Remote execution vulnerability in logging function
(boo#1067164)
- CVE-2017-16661: Arbitrary file read vulnerability in view log file
(boo#1067163)
- CVE-2017-16785: Reflection XSS vulnerability (boo#1068028)
This update to version 1.1.28 also contains a number of upstream bug fixes
and improvements.