Update to 1.1.13

This commit is contained in:
Morten Stevens 2017-07-14 22:26:28 +02:00
parent d6653ab510
commit a67cc0b555
4 changed files with 7 additions and 40 deletions

1
.gitignore vendored
View File

@ -17,3 +17,4 @@
/cacti-1.1.10.tar.gz
/cacti-1.1.11.tar.gz
/cacti-1.1.12.tar.gz
/cacti-1.1.13.tar.gz

View File

@ -1,35 +0,0 @@
From 3381cba6a9e36b01ed0ab0acfd41b00487966cb5 Mon Sep 17 00:00:00 2001
From: cigamit <jimmy@sqmail.org>
Date: Wed, 5 Jul 2017 06:45:03 -0500
Subject: [PATCH] Resolving Issue #838
Cross-site Scripting (XSS) issue with link.php
---
docs/CHANGELOG | 3 +++
lib/html_validate.php | 6 +++---
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/lib/html_validate.php b/lib/html_validate.php
index 3d5e97fad..d5cb6168f 100644
--- a/lib/html_validate.php
+++ b/lib/html_validate.php
@@ -48,16 +48,16 @@ function die_html_input_error($variable = '', $value = '', $message = '') {
global $config;
?>
- <table style="width:100%;text-align:center;">
+ <table style='width:100%;text-align:center;'>
<tr>
<td>
- Validation error<?php print ($variable != '' ? ' for variable ' . $variable . ', with value of "' . $value . '"' . ($message != '' ? ', and error:' . $message : '') : '');?>. See backtrace below for more details.
+ <?php print __('Validation error for variable %s with a value of %s. See backtrace below for more details.', $variable, htmlspecialchars($value));?>
</td>
</tr>
</table>
<?php
- cacti_debug_backtrace('Validation Error' . ($variable != '' ? ", Variable:$variable":"") . ($value != '' ? ", Value:$value":""), true);
+ cacti_debug_backtrace('Validation Error' . ($variable != '' ? ", Variable:$variable":'') . ($value != '' ? ", Value:$value":''), true);
bottom_footer();
exit;

View File

@ -1,6 +1,6 @@
Name: cacti
Version: 1.1.12
Release: 2%{?dist}
Version: 1.1.13
Release: 1%{?dist}
Summary: An rrd based graphing tool
License: GPLv2+
URL: http://www.cacti.net/
@ -9,7 +9,6 @@ Source1: cacti-httpd.conf
Source2: cacti.logrotate
Source3: cacti.README.fedora
Source4: %{name}.cron
Patch0: cacti-fix-xss.patch
# Requires PHP 5.3+
Requires: php(language) >= 5.3
@ -70,7 +69,6 @@ driven.
%prep
%setup -q
%patch0 -p1
%build
# cacti's build is a noop
@ -168,6 +166,9 @@ restorecon -Rv '/var/log/cacti' &> /dev/null || :
%attr(-,root,root) %{_localstatedir}/lib/%{name}/lib
%changelog
* Fri Jul 14 2017 Morten Stevens <mstevens@fedoraproject.org> - 1.1.13-1
- Update to 1.1.13
* Thu Jul 06 2017 Morten Stevens <mstevens@fedoraproject.org> - 1.1.12-2
- Fix Cross-site Scripting (XSS) issue with link.php

View File

@ -1 +1 @@
SHA512 (cacti-1.1.12.tar.gz) = 852695a5f8efc11c67e9b2ebcdb42a84e445a7d936eaf829028c3b658c1ee51b341dd3632c1d4e4aa166cd95268dbc84afe71bb7a82d96106420edbe93a3164c
SHA512 (cacti-1.1.13.tar.gz) = 3f18ee1c940392c235e6e4648297e015e3bee2ae028e14348c1679af580d102c1ba8ea0ca08935c9f7608c691329125093fad0af8feb8b7cfbe066b975589a3a