From 865ba5a6cf01b60c84124f28533d39240a2717ae Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Sun, 9 Sep 2007 02:36:14 +0000
Subject: [PATCH 01/31] Silly rebuild

---
 cacti.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cacti.spec b/cacti.spec
index a63b842..593abef 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.6j
-Release: 1%{?dist}
+Release: 6%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -103,6 +103,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Sat Sep 08 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-6
+- rebuild
+
 * Sat May 05 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-5
 - Upstream released new version
 

From 086703965c46597819e28111f8edc7e979ddf5c7 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Fri, 14 Sep 2007 21:26:13 +0000
Subject: [PATCH 02/31] Patches for bug#243592

---
 CVE-2007-3112.patch | 29 +++++++++++++++++++++++++++++
 cacti.spec          |  7 ++++++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2007-3112.patch

diff --git a/CVE-2007-3112.patch b/CVE-2007-3112.patch
new file mode 100644
index 0000000..e77b2b4
--- /dev/null
+++ b/CVE-2007-3112.patch
@@ -0,0 +1,29 @@
+--- branches/BRANCH_0_8_6/cacti/graph_image.php	2007/03/04 20:17:57	3898
++++ branches/BRANCH_0_8_6/cacti/graph_image.php	2007/06/04 06:41:13	3956
+@@ -49,22 +49,22 @@
+ $graph_data_array = array();
+ 
+ /* override: graph start time (unix time) */
+-if (!empty($_GET["graph_start"])) {
++if (!empty($_GET["graph_start"]) && $_GET["graph_start"] < 1600000000) {
+ 	$graph_data_array["graph_start"] = $_GET["graph_start"];
+ }
+ 
+ /* override: graph end time (unix time) */
+-if (!empty($_GET["graph_end"])) {
++if (!empty($_GET["graph_end"]) && $_GET["graph_end"] < 1600000000) {
+ 	$graph_data_array["graph_end"] = $_GET["graph_end"];
+ }
+ 
+ /* override: graph height (in pixels) */
+-if (!empty($_GET["graph_height"])) {
++if (!empty($_GET["graph_height"]) && $_GET["graph_height"] < 3000) {
+ 	$graph_data_array["graph_height"] = $_GET["graph_height"];
+ }
+ 
+ /* override: graph width (in pixels) */
+-if (!empty($_GET["graph_width"])) {
++if (!empty($_GET["graph_width"]) && $_GET["graph_width"] < 3000) {
+ 	$graph_data_array["graph_width"] = $_GET["graph_width"];
+ }
+ 
diff --git a/cacti.spec b/cacti.spec
index 593abef..5dcf174 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.6j
-Release: 6%{?dist}
+Release: 7%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -12,6 +12,7 @@ Source2: cacti.logrotate
 Source3: cacti.README.Fedora
 
 Patch1: cacti-0.8.6h-dbcfg.patch
+Patch2: CVE-2007-3112.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -32,6 +33,7 @@ used to creating traffic graphs with MRTG.
 %prep
 %setup -q
 %patch1 -p0
+%patch2 -p3
 
 echo "#*/5 * * * *	cacti	%{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
 
@@ -103,6 +105,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Fri Sep 14 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-7
+- Fix for CVE-2007-3112 bz#243592
+
 * Sat Sep 08 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-6
 - rebuild
 

From ece2b07b4fa16e461085f67ca924430088498e23 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Fri, 14 Sep 2007 21:30:22 +0000
Subject: [PATCH 03/31] Release bump because Its friday and I'm stupid

---
 cacti.spec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cacti.spec b/cacti.spec
index 5dcf174..8c0121b 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.6j
-Release: 7%{?dist}
+Release: 8%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -105,7 +105,7 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
-* Fri Sep 14 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-7
+* Fri Sep 14 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-8
 - Fix for CVE-2007-3112 bz#243592
 
 * Sat Sep 08 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-6

From c3bc59edf4a3a26b7ce672f18a5f70ae0317f50e Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Fri, 21 Sep 2007 14:57:08 +0000
Subject: [PATCH 04/31] Added official patches from the cacti site

---
 cacti.spec                                    |  15 +-
 dec06-vulnerability-poller-0.8.6i.patch       | 137 ------------------
 dec06-vulnerability-scripts-0.8.6i.patch      | 106 --------------
 fix_search_session_clear_issue.patch          |  27 ----
 ...sql_syntax_related_to_default_rra_id.patch |  22 ---
 graph_debug_lockup_fix.patch                  |  18 +++
 import_template_argument_space_removal.patch  |  14 --
 mysql_5x_strict.patch                         |  52 -------
 nth_percentile_empty_return_set_issue.patch   |  94 ------------
 ping_php_version4_snmpgetnext.patch           |  42 ++++++
 poller_output_remainder.patch                 |  46 ------
 snmpwalk_fix.patch                            |  15 ++
 thumbnail_graphs_not_working.patch            |  20 +++
 tree_console_missing_hosts.patch              |  20 +++
 14 files changed, 129 insertions(+), 499 deletions(-)
 delete mode 100644 dec06-vulnerability-poller-0.8.6i.patch
 delete mode 100644 dec06-vulnerability-scripts-0.8.6i.patch
 delete mode 100644 fix_search_session_clear_issue.patch
 delete mode 100644 fix_sql_syntax_related_to_default_rra_id.patch
 create mode 100644 graph_debug_lockup_fix.patch
 delete mode 100644 import_template_argument_space_removal.patch
 delete mode 100644 mysql_5x_strict.patch
 delete mode 100644 nth_percentile_empty_return_set_issue.patch
 create mode 100644 ping_php_version4_snmpgetnext.patch
 delete mode 100644 poller_output_remainder.patch
 create mode 100644 snmpwalk_fix.patch
 create mode 100644 thumbnail_graphs_not_working.patch
 create mode 100644 tree_console_missing_hosts.patch

diff --git a/cacti.spec b/cacti.spec
index 8c0121b..de88c3c 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.6j
-Release: 8%{?dist}
+Release: 9%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -13,6 +13,11 @@ Source3: cacti.README.Fedora
 
 Patch1: cacti-0.8.6h-dbcfg.patch
 Patch2: CVE-2007-3112.patch
+Patch3: ping_php_version4_snmpgetnext.patch
+Patch4: tree_console_missing_hosts.patch
+Patch5: thumbnail_graphs_not_working.patch
+Patch6: graph_debug_lockup_fix.patch
+Patch7: snmpwalk_fix.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -34,6 +39,11 @@ used to creating traffic graphs with MRTG.
 %setup -q
 %patch1 -p0
 %patch2 -p3
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
 
 echo "#*/5 * * * *	cacti	%{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
 
@@ -105,6 +115,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Fri Sep 21 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-9
+- Added rest of official patches
+
 * Fri Sep 14 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-8
 - Fix for CVE-2007-3112 bz#243592
 
diff --git a/dec06-vulnerability-poller-0.8.6i.patch b/dec06-vulnerability-poller-0.8.6i.patch
deleted file mode 100644
index f19c555..0000000
--- a/dec06-vulnerability-poller-0.8.6i.patch
+++ /dev/null
@@ -1,137 +0,0 @@
-diff -ruBbd cacti-0.8.6i/cmd.php cacti-0.8.6i-patch/cmd.php
---- cacti-0.8.6i/cmd.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/cmd.php	2007-01-01 12:27:15.328125000 -0500
-@@ -26,7 +26,7 @@
- */
- 
- /* do NOT run this script through a web browser */
--if (!isset($_SERVER["argv"][0])) {
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
- 	die("<br><strong>This script is only meant to run at the command line.</strong>");
- }
- 
-@@ -70,6 +71,10 @@
- 	$print_data_to_stdout = false;
- 	if ($_SERVER["argc"] == "3") {
- 		if ($_SERVER["argv"][1] <= $_SERVER["argv"][2]) {
-+			/* address potential exploits */
-+			input_validate_input_number($_SERVER["argv"][1]);
-+			input_validate_input_number($_SERVER["argv"][2]);
-+
- 			$hosts = db_fetch_assoc("select * from host where (disabled = '' and " .
- 					"id >= " .
- 					$_SERVER["argv"][1] .
-diff -ruBbd cacti-0.8.6i/copy_cacti_user.php cacti-0.8.6i-patch/copy_cacti_user.php
---- cacti-0.8.6i/copy_cacti_user.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/copy_cacti_user.php	2007-01-01 12:27:15.312500000 -0500
-@@ -25,9 +25,10 @@
- */
- 
- /* do NOT run this script through a web browser */
--if (! isset($_SERVER["argv"][0])) {
--	die("This script is only meant to run at the command line.\n");
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
-+   die("<br><strong>This script is only meant to run at the command line.</strong>");
- }
-+
- if (empty($_SERVER["argv"][2])) {
- 	die("\nSyntax:\n php copy_cacti_user.php <template user> <new user>\n\n");
- }
-diff -ruBbd cacti-0.8.6i/include/html/inc_timespan_settings.php cacti-0.8.6i-patch/include/html/inc_timespan_settings.php
---- cacti-0.8.6i/include/html/inc_timespan_settings.php	2006-10-09 00:05:58.000000000 -0400
-+++ cacti-0.8.6i-patch/include/html/inc_timespan_settings.php	2007-01-02 11:55:45.953125000 -0500
-@@ -24,6 +24,20 @@
-  +-------------------------------------------------------------------------+
- */
- 
-+/* ================= input validation ================= */
-+input_validate_input_number(get_request_var_request("predefined_timespan"));
-+/* ==================================================== */
-+
-+/* clean up date1 string */
-+if (isset($_REQUEST["date1"])) {
-+	$_REQUEST["date1"] = sanitize_search_string(get_request_var("date1"));
-+}
-+
-+/* clean up date2 string */
-+if (isset($_REQUEST["date2"])) {
-+	$_REQUEST["date2"] = sanitize_search_string(get_request_var("date2"));
-+}
-+
- /* initialize the timespan array */
- $timespan = array();
- 
-diff -ruBbd cacti-0.8.6i/poller.php cacti-0.8.6i-patch/poller.php
---- cacti-0.8.6i/poller.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/poller.php	2007-01-01 12:27:15.328125000 -0500
-@@ -26,7 +26,7 @@
- */
- 
- /* do NOT run this script through a web browser */
--if (!isset($_SERVER["argv"][0])) {
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
- 	die("<br><strong>This script is only meant to run at the command line.</strong>");
- }
- 
-diff -ruBbd cacti-0.8.6i/poller_commands.php cacti-0.8.6i-patch/poller_commands.php
---- cacti-0.8.6i/poller_commands.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/poller_commands.php	2007-01-01 12:27:15.328125000 -0500
-@@ -27,7 +27,7 @@
- define("MAX_RECACHE_RUNTIME", 296);
- 
- /* do NOT run this script through a web browser */
--if (!isset($_SERVER["argv"][0])) {
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
- 	die("<br><strong>This script is only meant to run at the command line.</strong>");
- }
- 
-diff -ruBbd cacti-0.8.6i/poller_export.php cacti-0.8.6i-patch/poller_export.php
---- cacti-0.8.6i/poller_export.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/poller_export.php	2007-01-01 12:27:15.328125000 -0500
-@@ -25,7 +25,7 @@
- */
- 
- /* do NOT run this script through a web browser */
--if (!isset($_SERVER["argv"][0])) {
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
- 	die("<br><strong>This script is only meant to run at the command line.</strong>");
- }
- 
-diff -ruBbd cacti-0.8.6i/poller_reindex_hosts.php cacti-0.8.6i-patch/poller_reindex_hosts.php
---- cacti-0.8.6i/poller_reindex_hosts.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/poller_reindex_hosts.php	2007-01-01 12:27:15.328125000 -0500
-@@ -25,7 +25,7 @@
- */
- 
- /* do NOT run this script through a web browser */
--if (!isset($_SERVER["argv"][0])) {
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
- 	die("<br><strong>This script is only meant to run at the command line.</strong>");
- }
- 
-diff -ruBbd cacti-0.8.6i/rebuild_poller_cache.php cacti-0.8.6i-patch/rebuild_poller_cache.php
---- cacti-0.8.6i/rebuild_poller_cache.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/rebuild_poller_cache.php	2007-01-01 12:27:15.312500000 -0500
-@@ -25,7 +25,7 @@
- */
- 
- /* do NOT run this script through a web browser */
--if (!isset($_SERVER["argv"][0])) {
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
- 	die("<br><strong>This script is only meant to run at the command line.</strong>");
- }
- 
-diff -ruBbd cacti-0.8.6i/script_server.php cacti-0.8.6i-patch/script_server.php
---- cacti-0.8.6i/script_server.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/script_server.php	2007-01-01 12:27:15.312500000 -0500
-@@ -26,9 +26,8 @@
- $no_http_headers = true;
- 
- /* do NOT run this script through a web browser */
--if (!isset($_SERVER["argv"][0])) {
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
- 	die("<br><strong>This script is only meant to run at the command line.</strong>");
--	exit(-1);
- }
- 
- /* define STDOUT/STDIN file descriptors if not running under CLI */
diff --git a/dec06-vulnerability-scripts-0.8.6i.patch b/dec06-vulnerability-scripts-0.8.6i.patch
deleted file mode 100644
index f59bfa9..0000000
--- a/dec06-vulnerability-scripts-0.8.6i.patch
+++ /dev/null
@@ -1,106 +0,0 @@
-diff -ruBbd cacti-0.8.6i/scripts/query_host_cpu.php cacti-0.8.6i-patch/scripts/query_host_cpu.php
---- cacti-0.8.6i/scripts/query_host_cpu.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/scripts/query_host_cpu.php	2007-01-01 12:50:55.781250000 -0500
-@@ -1,6 +1,12 @@
- <?php
- 
-+/* do NOT run this script through a web browser */
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
-+   die("<br><strong>This script is only meant to run at the command line.</strong>");
-+}
-+
- $no_http_headers = true;
-+
- include(dirname(__FILE__) . "/../include/config.php");
- include(dirname(__FILE__) . "/../lib/snmp.php");
- 
-diff -ruBbd cacti-0.8.6i/scripts/query_host_partitions.php cacti-0.8.6i-patch/scripts/query_host_partitions.php
---- cacti-0.8.6i/scripts/query_host_partitions.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/scripts/query_host_partitions.php	2007-01-01 12:50:55.781250000 -0500
-@@ -1,6 +1,12 @@
- <?php
- 
-+/* do NOT run this script through a web browser */
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
-+   die("<br><strong>This script is only meant to run at the command line.</strong>");
-+}
-+
- $no_http_headers = true;
-+
- include(dirname(__FILE__) . "/../include/config.php");
- include(dirname(__FILE__) . "/../lib/snmp.php");
- 
-diff -ruBbd cacti-0.8.6i/scripts/sql.php cacti-0.8.6i-patch/scripts/sql.php
---- cacti-0.8.6i/scripts/sql.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/scripts/sql.php	2007-01-01 12:50:55.781250000 -0500
-@@ -1,6 +1,12 @@
- <?
- 
-+/* do NOT run this script through a web browser */
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
-+   die("<br><strong>This script is only meant to run at the command line.</strong>");
-+}
-+
- $no_http_headers = true;
-+
- include(dirname(__FILE__) . "/../include/config.php");
- 
- if ($database_password == "") {
-diff -ruBbd cacti-0.8.6i/scripts/ss_fping.php cacti-0.8.6i-patch/scripts/ss_fping.php
---- cacti-0.8.6i/scripts/ss_fping.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/scripts/ss_fping.php	2007-01-01 12:50:55.796875000 -0500
-@@ -1,7 +1,11 @@
- <?php
- #!/usr/bin/php -q
- 
--//STANDARD SCRIPT SERVER HEADER!!!
-+/* do NOT run this script through a web browser */
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
-+   die("<br><strong>This script is only meant to run at the command line.</strong>");
-+}
-+
- $no_http_headers = true;
- 
- /* display No errors */
-diff -ruBbd cacti-0.8.6i/scripts/ss_host_cpu.php cacti-0.8.6i-patch/scripts/ss_host_cpu.php
---- cacti-0.8.6i/scripts/ss_host_cpu.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/scripts/ss_host_cpu.php	2007-01-01 12:50:55.796875000 -0500
-@@ -1,4 +1,10 @@
- <?php
-+
-+/* do NOT run this script through a web browser */
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
-+   die("<br><strong>This script is only meant to run at the command line.</strong>");
-+}
-+
- $no_http_headers = true;
- 
- /* display No errors */
-diff -ruBbd cacti-0.8.6i/scripts/ss_host_disk.php cacti-0.8.6i-patch/scripts/ss_host_disk.php
---- cacti-0.8.6i/scripts/ss_host_disk.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/scripts/ss_host_disk.php	2007-01-01 12:50:55.796875000 -0500
-@@ -1,4 +1,10 @@
- <?php
-+
-+/* do NOT run this script through a web browser */
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
-+   die("<br><strong>This script is only meant to run at the command line.</strong>");
-+}
-+
- $no_http_headers = true;
- 
- /* display No errors */
-diff -ruBbd cacti-0.8.6i/scripts/ss_sql.php cacti-0.8.6i-patch/scripts/ss_sql.php
---- cacti-0.8.6i/scripts/ss_sql.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/scripts/ss_sql.php	2007-01-01 12:50:55.781250000 -0500
-@@ -1,5 +1,10 @@
- <?php
- 
-+/* do NOT run this script through a web browser */
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
-+   die("<br><strong>This script is only meant to run at the command line.</strong>");
-+}
-+
- $no_http_headers = true;
- 
- /* display ALL errors */
diff --git a/fix_search_session_clear_issue.patch b/fix_search_session_clear_issue.patch
deleted file mode 100644
index d18759d..0000000
--- a/fix_search_session_clear_issue.patch
+++ /dev/null
@@ -1,27 +0,0 @@
---- cacti-0.8.6h/host.php	2006-01-03 21:08:30.000000000 -0600
-+++ cacti-fixed/host.php	2006-01-06 22:45:51.630701318 -0600
-@@ -726,18 +726,18 @@
- 		unset($_REQUEST["host_status"]);
- 	}
- 
--	if (!empty($_SESSION["sess_host_status"])) {
--		if ($_SESSION["sess_host_status"] != $_REQUEST["host_status"]) {
--			$_REQUEST["page"] = 1;
--		}
--	}
--
- 	/* remember these search fields in session vars so we don't have to keep passing them around */
- 	load_current_session_value("page", "sess_device_current_page", "1");
- 	load_current_session_value("filter", "sess_device_filter", "");
- 	load_current_session_value("host_template_id", "sess_device_host_template_id", "-1");
- 	load_current_session_value("host_status", "sess_host_status", "-1");
- 
-+	if (!empty($_SESSION["sess_host_status"])) {
-+		if ($_SESSION["sess_host_status"] != $_REQUEST["host_status"]) {
-+			$_REQUEST["page"] = 1;
-+		}
-+	}
-+
- 	html_start_box("<strong>Devices</strong>", "98%", $colors["header"], "3", "center", "host.php?action=edit&host_template_id=" . $_REQUEST["host_template_id"] . "&host_status=" . $_REQUEST["host_status"]);
- 
- 	include("./include/html/inc_device_filter_table.php");
diff --git a/fix_sql_syntax_related_to_default_rra_id.patch b/fix_sql_syntax_related_to_default_rra_id.patch
deleted file mode 100644
index e7ea792..0000000
--- a/fix_sql_syntax_related_to_default_rra_id.patch
+++ /dev/null
@@ -1,22 +0,0 @@
---- cacti-0.8.6h/graph.php	2006-01-03 21:08:30.000000000 -0600
-+++ cacti-fixed/graph.php	2006-01-06 22:40:29.643671752 -0600
-@@ -130,13 +130,13 @@
- 	$timespan = -($rra["timespan"]);
- 
- 	/* find the step and how often this graph is updated with new data */
--	$ds_step = db_fetch_cell("select
-+	$ds_step = db_fetch_cell("SELECT
- 		data_template_data.rrd_step
--		from (data_template_data,data_template_rrd,graph_templates_item)
--		where graph_templates_item.task_item_id=data_template_rrd.id
--		and data_template_rrd.local_data_id=data_template_data.local_data_id
--		and graph_templates_item.local_graph_id=" . $_GET["local_graph_id"] .
--		"limit 0,1");
-+		FROM (data_template_data,data_template_rrd,graph_templates_item)
-+		WHERE graph_templates_item.task_item_id=data_template_rrd.id
-+		AND data_template_rrd.local_data_id=data_template_data.local_data_id
-+		AND graph_templates_item.local_graph_id=" . $_GET["local_graph_id"] .
-+		" LIMIT 0,1");
- 	$ds_step = empty($ds_step) ? 300 : $ds_step;
- 	$seconds_between_graph_updates = ($ds_step * $rra["steps"]);
- 
diff --git a/graph_debug_lockup_fix.patch b/graph_debug_lockup_fix.patch
new file mode 100644
index 0000000..d740a2a
--- /dev/null
+++ b/graph_debug_lockup_fix.patch
@@ -0,0 +1,18 @@
+--- cacti-0.8.6j/lib/rrd.php	2007-01-17 19:23:10.000000000 -0500
++++ cacti-0.8.6j-patch/lib/rrd.php	2007-03-01 15:32:18.609375000 -0500
+@@ -83,6 +83,7 @@
+ 	if ($config["cacti_server_os"] == "unix") {
+ 		/* an empty $rrd_struc array means no fp is available */
+ 		if (sizeof($rrd_struc) == 0) {
++			session_write_close();
+ 			$fp = popen(read_config_option("path_rrdtool") . escape_command(" $command_line"), "r");
+ 		}else{
+ 			fwrite(rrd_get_fd($rrd_struc, RRDTOOL_PIPE_CHILD_READ), escape_command(" $command_line") . "\r\n");
+@@ -91,6 +92,7 @@
+ 	}elseif ($config["cacti_server_os"] == "win32") {
+ 		/* an empty $rrd_struc array means no fp is available */
+ 		if (sizeof($rrd_struc) == 0) {
++			session_write_close();
+ 			$fp = popen(read_config_option("path_rrdtool") . escape_command(" $command_line"), "rb");
+ 		}else{
+ 			fwrite(rrd_get_fd($rrd_struc, RRDTOOL_PIPE_CHILD_READ), escape_command(" $command_line") . "\r\n");
diff --git a/import_template_argument_space_removal.patch b/import_template_argument_space_removal.patch
deleted file mode 100644
index 776c1be..0000000
--- a/import_template_argument_space_removal.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- cacti-0.8.6i/lib/import.php	2006-10-09 00:06:00.000000000 -0400
-+++ cacti-0.8.6i-patch/lib/import.php	2007-01-02 08:17:09.593750000 -0500
-@@ -687,6 +687,11 @@
- 	while (list($field_name, $field_array) = each($fields_data_input_edit)) {
- 		/* make sure this field exists in the xml array first */
- 		if (isset($xml_array[$field_name])) {
-+			/* fix issue with data input method importing and white spaces */
-+			if ($field_name == "input_string") {
-+				$xml_array[$field_name] = str_replace("><", "> <", $xml_array[$field_name]);
-+			}
-+
- 			$save[$field_name] = addslashes(xml_character_decode($xml_array[$field_name]));
- 		}
- 	}
diff --git a/mysql_5x_strict.patch b/mysql_5x_strict.patch
deleted file mode 100644
index c174971..0000000
--- a/mysql_5x_strict.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-diff -ruBbd cacti-0.8.6h/cacti.sql yak/cacti.sql
---- cacti-0.8.6h/cacti.sql	2006-01-03 22:08:36.000000000 -0500
-+++ yak/cacti.sql	2006-01-07 16:21:36.406250000 -0500
-@@ -1846,7 +1846,7 @@
-   avg_time decimal(10,5) default '0.00000',
-   total_polls int(12) unsigned default '0',
-   failed_polls int(12) unsigned default '0',
--  availability decimal(7,5) NOT NULL default '100.00000',
-+  availability decimal(8,5) NOT NULL default '100.00000',
-   PRIMARY KEY  (id)
- ) TYPE=MyISAM;
- 
-diff -ruBbd cacti-0.8.6h/lib/database.php yak/lib/database.php
---- cacti-0.8.6h/lib/database.php	2006-01-03 22:08:36.000000000 -0500
-+++ yak/lib/database.php	2006-01-07 14:43:36.156250000 -0500
-@@ -214,14 +214,14 @@
-    @arg $table_name - the name of the table to make the replacement in
-    @arg $key_cols - the primary key(s)
-    @returns - the auto incriment id column (if applicable) */
--function sql_save($array_items, $table_name, $key_cols = "id") {
-+function sql_save($array_items, $table_name, $key_cols = "id", $autoinc = TRUE) {
- 	global $cnn_id;
- 
- 	while (list ($key, $value) = each ($array_items)) {
- 		$array_items[$key] = "\"" . sql_sanitize($value) . "\"";
- 	}
- 
--	if (!$cnn_id->Replace($table_name, $array_items, $key_cols, false)) { return 0; }
-+	if (!$cnn_id->Replace($table_name, $array_items, $key_cols, FALSE, $autoinc)) { return 0; }
- 
- 	/* get the last AUTO_ID and return it */
- 	if ($cnn_id->Insert_ID() == "0") {
-diff -ruBbd cacti-0.8.6h/lib/template.php yak/lib/template.php
---- cacti-0.8.6h/lib/template.php	2006-01-03 22:08:36.000000000 -0500
-+++ yak/lib/template.php	2006-01-07 15:08:31.953125000 -0500
-@@ -643,10 +642,16 @@
- 
- 					/* if there are no '|' characters, all of the substitutions were successful */
- 					if (!strstr($subs_string, "|query")) {
-+						if (sizeof(db_fetch_row("show columns from data_template_data like '" . $suggested_value["field_name"] . "'"))) {
- 						db_execute("update data_template_data set " . $suggested_value["field_name"] . "='" . addslashes($suggested_value["text"]) . "' where local_data_id=" . $cache_array["local_data_id"]{$data_template["id"]});
-+						}
- 
- 						/* once we find a working value, stop */
- 						$suggested_values_ds{$data_template["id"]}{$suggested_value["field_name"]} = true;
-+
-+						if (sizeof(db_fetch_row("show columns from data_template_rrd like '" . $suggested_value["field_name"] . "'"))) {
-+							db_execute("update data_template_rrd set " . $suggested_value["field_name"] . "='" . $subs_string . "' where local_data_id=" . $cache_array["local_data_id"]{$data_template["id"]});
-+						}
- 					}
- 				}
- 			}
diff --git a/nth_percentile_empty_return_set_issue.patch b/nth_percentile_empty_return_set_issue.patch
deleted file mode 100644
index dbce46e..0000000
--- a/nth_percentile_empty_return_set_issue.patch
+++ /dev/null
@@ -1,94 +0,0 @@
---- cacti-0.8.6h/lib/graph_variables.php	2006-01-03 21:08:30.000000000 -0600
-+++ cacti-fixed/lib/graph_variables.php	2006-01-06 22:40:31.032460462 -0600
-@@ -302,27 +302,34 @@
- 
- 	/* format the output according to args passed to the variable */
- 	if ($regexp_match_array[4] == "current") {
-+		if (! empty($nth_cache{$graph_item["local_data_id"]}{$graph_item["data_source_name"]})) {
- 		$nth = $nth_cache{$graph_item["local_data_id"]}{$graph_item["data_source_name"]};
- 		$nth = ($regexp_match_array[2] == "bits") ? $nth * 8 : $nth;
- 		$nth /= pow(10,intval($regexp_match_array[3]));
-+		}
- 	}elseif ($regexp_match_array[4] == "total") {
- 		for ($t=0;($t<count($graph_items));$t++) {
- 			if ((ereg("(AREA|STACK|LINE[123])", $graph_item_types{$graph_items[$t]["graph_type_id"]})) && (!empty($graph_items[$t]["data_template_rrd_id"]))) {
-+				if (! empty($nth_cache{$graph_items[$t]["local_data_id"]}{$graph_items[$t]["data_source_name"]})) {
- 				$local_nth = $nth_cache{$graph_items[$t]["local_data_id"]}{$graph_items[$t]["data_source_name"]};
- 				$local_nth = ($regexp_match_array[2] == "bits") ? $local_nth * 8 : $local_nth;
- 				$local_nth /= pow(10,intval($regexp_match_array[3]));
- 
- 				$nth += $local_nth;
-+				}
- 
- 			}
- 		}
- 	}elseif ($regexp_match_array[4] == "max") {
-+		if (! empty($nth_cache{$graph_item["local_data_id"]}["nth_percentile_maximum"])) {
- 		$nth = $nth_cache{$graph_item["local_data_id"]}["nth_percentile_maximum"];
- 		$nth = ($regexp_match_array[2] == "bits") ? $nth * 8 : $nth;
- 		$nth /= pow(10,intval($regexp_match_array[3]));
-+		}
- 	}elseif ($regexp_match_array[4] == "total_peak") {
- 		for ($t=0;($t<count($graph_items));$t++) {
- 			if ((ereg("(AREA|STACK|LINE[123])", $graph_item_types{$graph_items[$t]["graph_type_id"]})) && (!empty($graph_items[$t]["data_template_rrd_id"]))) {
-+				if (! empty($nth_cache{$graph_items[$t]["local_data_id"]}["nth_percentile_maximum"])) {
- 				$local_nth = $nth_cache{$graph_items[$t]["local_data_id"]}["nth_percentile_maximum"];
- 				$local_nth = ($regexp_match_array[2] == "bits") ? $local_nth * 8 : $local_nth;
- 				$local_nth /= pow(10,intval($regexp_match_array[3]));
-@@ -330,9 +337,11 @@
- 				$nth += $local_nth;
- 			}
- 		}
-+		}
- 	}elseif ($regexp_match_array[4] == "all_max_current") {
- 		for ($t=0;($t<count($graph_items));$t++) {
- 			if ((ereg("(AREA|STACK|LINE[123])", $graph_item_types{$graph_items[$t]["graph_type_id"]})) && (!empty($graph_items[$t]["data_template_rrd_id"]))) {
-+				if (! empty($ninety_fifth_cache{$graph_items[$t]["local_data_id"]}{$graph_items[$t]["data_source_name"]})) {
- 				$local_nth = $ninety_fifth_cache{$graph_items[$t]["local_data_id"]}{$graph_items[$t]["data_source_name"]};
- 				$local_nth = ($regexp_match_array[2] == "bits") ? $local_nth * 8 : $local_nth;
- 				$local_nth /= pow(10,intval($regexp_match_array[3]));
-@@ -342,9 +351,11 @@
- 				}
- 			}
- 		}
-+		}
- 	}elseif ($regexp_match_array[4] == "all_max_peak") {
- 		for ($t=0;($t<count($graph_items));$t++) {
- 			if ((ereg("(AREA|STACK|LINE[123])", $graph_item_types{$graph_items[$t]["graph_type_id"]})) && (!empty($graph_items[$t]["data_template_rrd_id"]))) {
-+				if (! empty($nth_cache{$graph_items[$t]["local_data_id"]}["nth_percentile_maximum"])) {
- 				$local_nth = $nth_cache{$graph_items[$t]["local_data_id"]}["nth_percentile_maximum"];
- 				$local_nth = ($regexp_match_array[2] == "bits") ? $local_nth * 8 : $local_nth;
- 				$local_nth /= pow(10,intval($regexp_match_array[3]));
-@@ -354,28 +365,23 @@
- 				}
- 			}
- 		}
-+		}
- 	}elseif ($regexp_match_array[4] == "aggregate") {
--		if (empty($nth_cache{0}["nth_percentile_aggregate_total"])) {
--			$nth = 0;
--		}else{
-+		if (! empty($nth_cache{0}["nth_percentile_aggregate_total"])) {
- 			$local_nth = $nth_cache{0}["nth_percentile_aggregate_total"];
- 			$local_nth = ($regexp_match_array[2] == "bits") ? $local_nth * 8 : $local_nth;
- 			$local_nth /= pow(10,intval($regexp_match_array[3]));
- 			$nth = $local_nth;
- 		}
- 	}elseif ($regexp_match_array[4] == "aggregate_max") {
--		if (empty($nth_cache{0}["nth_percentile_aggregate_max"])) {
--			$nth = 0;
--		}else{
-+		if (! empty($nth_cache{0}["nth_percentile_aggregate_max"])) {
- 			$local_nth = $nth_cache{0}["nth_percentile_aggregate_max"];
- 			$local_nth = ($regexp_match_array[2] == "bits") ? $local_nth * 8 : $local_nth;
- 			$local_nth /= pow(10,intval($regexp_match_array[3]));
- 			$nth = $local_nth;
- 		}
- 	}elseif ($regexp_match_array[4] == "aggregate_sum") {
--		if (empty($nth_cache{0}["nth_percentile_aggregate_sum"])) {
--			$nth = 0;
--		}else{
-+		if (! empty($nth_cache{0}["nth_percentile_aggregate_sum"])) {
- 			$local_nth = $nth_cache{0}["nth_percentile_aggregate_sum"];
- 			$local_nth = ($regexp_match_array[2] == "bits") ? $local_nth * 8 : $local_nth;
- 			$local_nth /= pow(10,intval($regexp_match_array[3]));
diff --git a/ping_php_version4_snmpgetnext.patch b/ping_php_version4_snmpgetnext.patch
new file mode 100644
index 0000000..10576f6
--- /dev/null
+++ b/ping_php_version4_snmpgetnext.patch
@@ -0,0 +1,42 @@
+--- cacti-0.8.6j/lib/ping.php	2007-01-17 19:23:10.000000000 -0500
++++ cacti-0.8.6j-patch/lib/ping.php	2007-01-20 19:45:55.015625000 -0500
+@@ -281,7 +281,13 @@
+ 
+ 		/* poll sysUptime for status */
+ 		$retry_count = 0;
++
++		/* getnext does not work in php versions less than 5 */
++		if (version_compare("5", phpversion(), "<")) {
+ 		$oid = ".1";
++		}else{
			$oid = ".1.3.6.1.2.1.1.3.0";
++		}
++
+ 		while (1) {
+ 			if ($retry_count >= $this->retries) {
+ 				$this->snmp_status   = "down";
+@@ -289,6 +295,8 @@
+ 				return false;
+ 			}
+ 
++			/* getnext does not work in php versions less than 5 */
++			if (version_compare("5", phpversion(), "<")) {
+ 			$output = cacti_snmp_getnext($this->host["hostname"],
+ 				$this->host["snmp_community"],
+ 				$oid,
+@@ -298,6 +306,16 @@
+ 				$this->host["snmp_port"],
+ 				$this->host["snmp_timeout"],
+ 				SNMP_CMDPHP);
++			}else{
				$output = cacti_snmp_get($this->host["hostname"],
++					$this->host["snmp_community"],
++					$oid,
++					$this->host["snmp_version"],
++					$this->host["snmp_username"],
++					$this->host["snmp_password"],
++					$this->host["snmp_port"],
++					$this->host["snmp_timeout"],
++					SNMP_CMDPHP);
++			}
+ 
+ 			/* determine total time +- ~10% */
+ 			$this->time = $this->get_time($this->precision);
diff --git a/poller_output_remainder.patch b/poller_output_remainder.patch
deleted file mode 100644
index 5edcf15..0000000
--- a/poller_output_remainder.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-diff -ruBbd cacti-0.8.6i/lib/poller.php cacti-0.8.6i-patched/lib/poller.php
---- cacti-0.8.6i/lib/poller.php	2006-10-08 23:06:01.000000000 -0400
-+++ cacti-0.8.6i-patched/lib/poller.php	2006-11-21 23:41:02.000000000 -0500
-@@ -213,7 +213,7 @@
- /* process_poller_output - grabs data from the 'poller_output' table and feeds the *completed*
-      results to RRDTool for processing
-    @arg $rrdtool_pipe - the array of pipes containing the file descriptor for rrdtool */
--function process_poller_output($rrdtool_pipe) {
-+function process_poller_output($rrdtool_pipe, $remainder = FALSE) {
- 	global $config;
- 
- 	include_once($config["library_path"] . "/rrd.php");
-@@ -221,6 +221,12 @@
- 	/* let's count the number of rrd files we processed */
- 	$rrds_processed = 0;
- 
-+	if ($remainder) {
-+		$limit = "";
-+	}else{
-+		$limit = "LIMIT 10000";
-+	}
-+
- 	/* create/update the rrd files */
- 	$results = db_fetch_assoc("select
- 		poller_output.output,
-@@ -231,7 +237,7 @@
- 		poller_item.rrd_num
- 		from (poller_output,poller_item)
- 		where (poller_output.local_data_id=poller_item.local_data_id and poller_output.rrd_name=poller_item.rrd_name)
--		limit 10000");
-+		$limit");
- 
- 	if (sizeof($results) > 0) {
- 		/* create an array keyed off of each .rrd file */
-diff -ruBbd cacti-0.8.6i/poller.php cacti-0.8.6i-patched/poller.php
---- cacti-0.8.6i/poller.php	2006-10-08 23:06:01.000000000 -0400
-+++ cacti-0.8.6i-patched/poller.php	2006-11-12 11:49:05.000000000 -0500
-@@ -166,7 +166,7 @@
- 		$polling_items = db_fetch_assoc("select poller_id,end_time from poller_time where poller_id = 0");
- 
- 		if (sizeof($polling_items) == $process_file_number) {
--			$rrds_processed = $rrds_processed + process_poller_output($rrdtool_pipe);
-+			$rrds_processed = $rrds_processed + process_poller_output($rrdtool_pipe, TRUE);
- 
- 			/* take time and log performance data */
- 			list($micro,$seconds) = split(" ", microtime());
diff --git a/snmpwalk_fix.patch b/snmpwalk_fix.patch
new file mode 100644
index 0000000..9661ac6
--- /dev/null
+++ b/snmpwalk_fix.patch
@@ -0,0 +1,15 @@
+diff -ruBbd cacti-0.8.6j/lib/snmp.php cacti-0.8.6j-patched/lib/snmp.php
+--- cacti-0.8.6j/lib/snmp.php	2007-01-17 19:23:10.000000000 -0500
++++ cacti-0.8.6j-patched/lib/snmp.php	2007-05-15 21:26:14.000000000 -0400
+@@ -221,9 +219,9 @@
+ 			$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -v$version -t $timeout -r $retries $hostname:$port $snmp_auth $oid");
+ 		}else {
+ 			if (file_exists($path_snmpbulkwalk) && ($version > 1)) {
+-				$temp_array = exec_into_array($path_snmpbulkwalk . " -O n $snmp_auth -v $version -t $timeout -r $retries -Cr50 $hostname:$port $oid");
++				$temp_array = exec_into_array($path_snmpbulkwalk . " -O Qn $snmp_auth -v $version -t $timeout -r $retries -Cr50 $hostname:$port $oid");
+ 			}else{
+-				$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -O n $snmp_auth -v $version -t $timeout -r $retries $hostname:$port $oid");
++				$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -O Qn $snmp_auth -v $version -t $timeout -r $retries $hostname:$port $oid");
+ 			}
+ 		}
+ 
diff --git a/thumbnail_graphs_not_working.patch b/thumbnail_graphs_not_working.patch
new file mode 100644
index 0000000..badb558
--- /dev/null
+++ b/thumbnail_graphs_not_working.patch
@@ -0,0 +1,20 @@
+--- cacti-0.8.6j/lib/rrd.php	2007-01-17 19:23:10.000000000 -0500
++++ cacti-0.8.6j-patch/lib/rrd.php	2007-02-01 20:29:59.687500000 -0500
+@@ -1080,9 +1080,15 @@
+ 
+ 		if ($graph_item_types{$graph_item["graph_type_id"]} == "COMMENT") {
+ 			if (read_config_option("rrdtool_version") == "rrd-1.2.x") {
+-				$txt_graph_items .= $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . str_replace(":", "\:", $graph_variables["text_format"][$graph_item_id]) . $hardreturn[$graph_item_id] . "\" ";
++				$comment_string = $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . str_replace(":", "\:", $graph_variables["text_format"][$graph_item_id]) . $hardreturn[$graph_item_id] . "\" ";
++				if (trim($comment_string) != "COMMENT:\"\"") {
++					$txt_graph_items .= $comment_string;
++				}
+ 			}else {
+-				$txt_graph_items .= $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . $graph_variables["text_format"][$graph_item_id] . $hardreturn[$graph_item_id] . "\" ";
++				$comment_string = $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . $graph_variables["text_format"][$graph_item_id] . $hardreturn[$graph_item_id] . "\" ";
++				if (trim($comment_string) != "COMMENT:\"\"") {
++					$txt_graph_items .= $comment_string;
++				}
+ 			}
+ 		}elseif (($graph_item_types{$graph_item["graph_type_id"]} == "GPRINT") && (!isset($graph_data_array["graph_nolegend"]))) {
+ 			$graph_variables["text_format"][$graph_item_id] = str_replace(":", "\:", $graph_variables["text_format"][$graph_item_id]); /* escape colons */
diff --git a/tree_console_missing_hosts.patch b/tree_console_missing_hosts.patch
new file mode 100644
index 0000000..dde7a00
--- /dev/null
+++ b/tree_console_missing_hosts.patch
@@ -0,0 +1,20 @@
+--- cacti-0.8.6j/lib/html_tree.php	2007-01-17 19:23:10.000000000 -0500
++++ cacti-0.8.6j-patch/lib/html_tree.php	2007-01-27 15:48:50.390625000 -0500
+@@ -328,7 +328,7 @@
+ 	while ($i > 1) {
+ 		$i--;
+ 
+-		$parent_tier = substr($tier_string, 0, $i * CHARS_PER_TIER);
++		$parent_tier = tree_tier_string(substr($tier_string, 0, $i * CHARS_PER_TIER));
+ 		$parent_variable = "sess_tree_leaf_expand_" . $leaf["graph_tree_id"] . "_" . $parent_tier;
+ 
+ 		$effective = @$_SESSION[$parent_variable];
+@@ -365,8 +365,6 @@
+    @returns - the string representing the leaf position
+ */
+ function tree_tier_string($order_key, $chars_per_tier = CHARS_PER_TIER) {
+-	$root_test = str_pad('', $chars_per_tier, '0');
+-
+ 	$new_string = preg_replace("/0+$/",'',$order_key);
+ 
+ 	return $new_string;

From 8e66f24575f5bb11fd312303f04e058f7db7d07a Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Wed, 26 Sep 2007 07:35:27 +0000
Subject: [PATCH 05/31] Rebuild for koji test

---
 cacti.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cacti.spec b/cacti.spec
index de88c3c..59ab5f5 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.6j
-Release: 9%{?dist}
+Release: 10%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -115,6 +115,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Wed Sep 26 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-10
+- Rebuild for koji test
+
 * Fri Sep 21 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-9
 - Added rest of official patches
 

From 7a47af56684a4809bd0484367290836dcbfbd413 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Thu, 1 Nov 2007 01:11:21 +0000
Subject: [PATCH 06/31] upstream released new version

---
 .cvsignore |  2 +-
 cacti.spec | 31 +++++++------------------------
 sources    |  2 +-
 3 files changed, 9 insertions(+), 26 deletions(-)

diff --git a/.cvsignore b/.cvsignore
index 83c4787..02611f1 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-cacti-0.8.6j.tar.gz
+cacti-0.8.7.tar.gz
diff --git a/cacti.spec b/cacti.spec
index 59ab5f5..bf75293 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
-Version: 0.8.6j
-Release: 10%{?dist}
+Version: 0.8.7
+Release: 1%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -11,14 +11,6 @@ Source1: cacti-httpd.conf
 Source2: cacti.logrotate
 Source3: cacti.README.Fedora
 
-Patch1: cacti-0.8.6h-dbcfg.patch
-Patch2: CVE-2007-3112.patch
-Patch3: ping_php_version4_snmpgetnext.patch
-Patch4: tree_console_missing_hosts.patch
-Patch5: thumbnail_graphs_not_working.patch
-Patch6: graph_debug_lockup_fix.patch
-Patch7: snmpwalk_fix.patch
-
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 Requires: php, php-mysql, mysql, httpd, rrdtool, net-snmp, php-snmp
@@ -37,13 +29,6 @@ used to creating traffic graphs with MRTG.
 
 %prep
 %setup -q
-%patch1 -p0
-%patch2 -p3
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
 
 echo "#*/5 * * * *	cacti	%{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
 
@@ -64,9 +49,9 @@ rm -rf %{buildroot}
 %{__cp} -a images/ include/ install/ lib/ resource/ %{buildroot}%{_datadir}/%{name}
 %{__cp} %{SOURCE3} ./docs/README.cacti
 %{__cp} -a docs/ %{buildroot}/%{_docdir}/%{name}-%{version}
-%{__mv} %{buildroot}/%{_datadir}/%{name}/include/db.php %{buildroot}/%{_sysconfdir}/%{name}/db.php
+%{__mv} %{buildroot}/%{_datadir}/%{name}/include/config.php %{buildroot}/%{_sysconfdir}/%{name}/db.php
 %{__chmod} +x %{buildroot}/%{_datadir}/%{name}/cmd.php %{buildroot}/%{_datadir}/%{name}/poller.php
-ln -s %{_sysconfdir}/%{name}/db.php %{buildroot}/%{_datadir}/%{name}/include/db.php
+ln -s %{_sysconfdir}/%{name}/db.php %{buildroot}/%{_datadir}/%{name}/include/config.php
 ln -s %{_localstatedir}/lib/%{name}/rra %{buildroot}/%{_datadir}/%{name}/
 ln -s %{_localstatedir}/lib/%{name}/scripts %{buildroot}/%{_datadir}/%{name}/
 ln -s %{_localstatedir}/log/%{name}/ %{buildroot}/%{_datadir}/%{name}/log
@@ -115,11 +100,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
-* Wed Sep 26 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-10
-- Rebuild for koji test
-
-* Fri Sep 21 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-9
-- Added rest of official patches
+* Fri Oct 13 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7-1
+- Upstream released new version
+- No longer need to patch for /etc/cacti/*
 
 * Fri Sep 14 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.6j-8
 - Fix for CVE-2007-3112 bz#243592
diff --git a/sources b/sources
index 2979952..57cb59e 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-29436be46b289d13dfce48e7618129e2  cacti-0.8.6j.tar.gz
+d28e8f9fd4b657c2ad79c4bcf1e3694d  cacti-0.8.7.tar.gz

From 577f84e711bca40b611549d0ee1f1987bb66e9e0 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Thu, 1 Nov 2007 01:19:18 +0000
Subject: [PATCH 07/31] release bump

---
 cacti.spec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cacti.spec b/cacti.spec
index bf75293..8b05c68 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -100,7 +100,7 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
-* Fri Oct 13 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7-1
+* Fri Oct 13 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7-2
 - Upstream released new version
 - No longer need to patch for /etc/cacti/*
 

From 241888925dd93f8953b084e4131c3afafb79b406 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Tue, 20 Nov 2007 14:47:52 +0000
Subject: [PATCH 08/31] Removed un-needed patch files. Upstream released new
 version

---
 .cvsignore                          |   2 +-
 CVE-2007-3112.patch                 |  29 --------
 cacti-0.8.6h-dbcfg.patch            | 104 ----------------------------
 cacti.spec                          |   8 ++-
 graph_debug_lockup_fix.patch        |  18 -----
 ping_php_version4_snmpgetnext.patch |  42 -----------
 snmpwalk_fix.patch                  |  15 ----
 sources                             |   2 +-
 thumbnail_graphs_not_working.patch  |  20 ------
 tree_console_missing_hosts.patch    |  20 ------
 10 files changed, 8 insertions(+), 252 deletions(-)
 delete mode 100644 CVE-2007-3112.patch
 delete mode 100644 cacti-0.8.6h-dbcfg.patch
 delete mode 100644 graph_debug_lockup_fix.patch
 delete mode 100644 ping_php_version4_snmpgetnext.patch
 delete mode 100644 snmpwalk_fix.patch
 delete mode 100644 thumbnail_graphs_not_working.patch
 delete mode 100644 tree_console_missing_hosts.patch

diff --git a/.cvsignore b/.cvsignore
index 02611f1..9cdcf2c 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-cacti-0.8.7.tar.gz
+cacti-0.8.7a.tar.gz
diff --git a/CVE-2007-3112.patch b/CVE-2007-3112.patch
deleted file mode 100644
index e77b2b4..0000000
--- a/CVE-2007-3112.patch
+++ /dev/null
@@ -1,29 +0,0 @@
---- branches/BRANCH_0_8_6/cacti/graph_image.php	2007/03/04 20:17:57	3898
-+++ branches/BRANCH_0_8_6/cacti/graph_image.php	2007/06/04 06:41:13	3956
-@@ -49,22 +49,22 @@
- $graph_data_array = array();
- 
- /* override: graph start time (unix time) */
--if (!empty($_GET["graph_start"])) {
-+if (!empty($_GET["graph_start"]) && $_GET["graph_start"] < 1600000000) {
- 	$graph_data_array["graph_start"] = $_GET["graph_start"];
- }
- 
- /* override: graph end time (unix time) */
--if (!empty($_GET["graph_end"])) {
-+if (!empty($_GET["graph_end"]) && $_GET["graph_end"] < 1600000000) {
- 	$graph_data_array["graph_end"] = $_GET["graph_end"];
- }
- 
- /* override: graph height (in pixels) */
--if (!empty($_GET["graph_height"])) {
-+if (!empty($_GET["graph_height"]) && $_GET["graph_height"] < 3000) {
- 	$graph_data_array["graph_height"] = $_GET["graph_height"];
- }
- 
- /* override: graph width (in pixels) */
--if (!empty($_GET["graph_width"])) {
-+if (!empty($_GET["graph_width"]) && $_GET["graph_width"] < 3000) {
- 	$graph_data_array["graph_width"] = $_GET["graph_width"];
- }
- 
diff --git a/cacti-0.8.6h-dbcfg.patch b/cacti-0.8.6h-dbcfg.patch
deleted file mode 100644
index 4095b39..0000000
--- a/cacti-0.8.6h-dbcfg.patch
+++ /dev/null
@@ -1,104 +0,0 @@
---- include/config.php.orig	2006-01-13 14:44:09.000000000 -0600
-+++ include/config.php	2006-01-13 14:44:23.000000000 -0600
-@@ -23,15 +23,7 @@
-  | - raXnet - http://www.raxnet.net/                                       |
-  +-------------------------------------------------------------------------+
- */
--
--/* make sure these values refect your actual database/host/user/password */
--$database_type = "mysql";
--$database_default = "cacti";
--$database_hostname = "localhost";
--$database_username = "cactiuser";
--$database_password = "cactiuser";
--$database_port = "3306";
--
-+require_once("db.php");
- /* ----- you probably do not need to change anything below this line ----- */
- 
- /* Files that do not need http header information - Command line scripts */
---- include/db.php.orig	1969-12-31 18:00:00.000000000 -0600
-+++ include/db.php	2006-01-13 15:14:07.000000000 -0600
-@@ -0,0 +1,9 @@
-+<?php
-+/* make sure these values refect your actual database/host/user/password */
-+$database_type = "mysql";
-+$database_default = "cacti";
-+$database_hostname = "localhost";
-+$database_username = "cactiuser";
-+$database_password = "cactiuser";
-+$database_port = "3306";
-+?>
---- docs/text/manual.txt.orig	2006-01-13 15:21:40.000000000 -0600
-+++ docs/text/manual.txt	2006-01-13 15:22:42.000000000 -0600
-@@ -144,7 +144,7 @@
- mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somep
- assword';
- mysql> flush privileges;
--    5. Edit include/config.php and specify the MySQL user,
-+    5. Edit /etc/cacti/db.php and specify the MySQL user,
-        password and database for your Cacti configuration.
- $database_default = "cacti";
- $database_hostname = "localhost";
-@@ -379,7 +379,7 @@
-        all the DLL files and sh.exe from the c:\cacti directory.
- 
-    Configure Cacti
--    1. Edit cacti_web_root/cacti/include/config.php and specify
-+    1. Edit cacti_web_root/cacti/include/db.php and specify
-        the MySQL user, password, database, and database port for
-        your Cacti configuration.
- $database_default = "cacti";
-@@ -504,7 +504,7 @@
- shell> tar xzvf cacti-version.tar.gz
-     4. Rename the new Cacti directory to match the old one.
- shell> mv cacti-version cacti
--    5. Edit include/config.php and specify the MySQL user,
-+    5. Edit /etc/cacti/db.php and specify the MySQL user,
-        password and database for your Cacti configuration.
- $database_default = "cacti";
- $database_hostname = "localhost";
---- ./docs/UPGRADE.orig	2006-01-13 15:32:34.000000000 -0600
-+++ ./docs/UPGRADE	2006-01-13 15:35:37.000000000 -0600
-@@ -21,7 +21,7 @@
- 
-  shell> mv cacti-version cacti
- 
--    5. Edit include/config.php and specify the MySQL user, password and
-+    5. Edit /etc/cacti/db.php and specify the MySQL user, password and
-        database for your Cacti configuration.
- 
-  $database_default = "cacti";
---- ./docs/INSTALL.orig	2006-01-13 15:32:45.000000000 -0600
-+++ ./docs/INSTALL	2006-01-13 15:35:46.000000000 -0600
-@@ -19,7 +19,7 @@
-  mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somepassword';
-  mysql> flush privileges;
- 
--    5. Edit include/config.php and specify the MySQL user, password and
-+    5. Edit /etc/cacti/db.php and specify the MySQL user, password and
-        database for your Cacti configuration.
- 
-  $database_default = "cacti";
---- ./docs/html/upgrade.html.orig	2006-01-13 15:32:22.000000000 -0600
-+++ ./docs/html/upgrade.html	2006-01-13 15:35:18.000000000 -0600
-@@ -67,7 +67,7 @@
-       </li>
- 
-       <li>
--        <p>Edit <tt class="FILENAME">include/config.php</tt> and specify the MySQL user, password and database for your Cacti configuration.</p>
-+        <p>Edit <tt class="FILENAME">/etc/cacti/db.php</tt> and specify the MySQL user, password and database for your Cacti configuration.</p>
-         <pre class="SCREEN">
- <kbd class="USERINPUT">$database_default = "cacti";
- $database_hostname = "localhost";
---- ./docs/html/install_unix.html.orig	2006-01-13 15:32:28.000000000 -0600
-+++ ./docs/html/install_unix.html	2006-01-13 15:35:26.000000000 -0600
-@@ -67,7 +67,7 @@
-       </li>
- 
-       <li>
--        <p>Edit <tt class="FILENAME">include/config.php</tt> and specify the MySQL user, password and database for your Cacti configuration.</p>
-+        <p>Edit <tt class="FILENAME">/etc/cacti/db.php</tt> and specify the MySQL user, password and database for your Cacti configuration.</p>
-         <pre class="SCREEN">
- <kbd class="USERINPUT">$database_default = "cacti";
- $database_hostname = "localhost";
diff --git a/cacti.spec b/cacti.spec
index 8b05c68..1545bbd 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
-Version: 0.8.7
-Release: 2%{?dist}
+Version: 0.8.7a
+Release: 1%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -100,6 +100,10 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Tue Nov 20 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7a-1
+- Upstream released new version
+- Fixes for bug #391691 - CVE-2007-6035
+
 * Fri Oct 13 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7-2
 - Upstream released new version
 - No longer need to patch for /etc/cacti/*
diff --git a/graph_debug_lockup_fix.patch b/graph_debug_lockup_fix.patch
deleted file mode 100644
index d740a2a..0000000
--- a/graph_debug_lockup_fix.patch
+++ /dev/null
@@ -1,18 +0,0 @@
---- cacti-0.8.6j/lib/rrd.php	2007-01-17 19:23:10.000000000 -0500
-+++ cacti-0.8.6j-patch/lib/rrd.php	2007-03-01 15:32:18.609375000 -0500
-@@ -83,6 +83,7 @@
- 	if ($config["cacti_server_os"] == "unix") {
- 		/* an empty $rrd_struc array means no fp is available */
- 		if (sizeof($rrd_struc) == 0) {
-+			session_write_close();
- 			$fp = popen(read_config_option("path_rrdtool") . escape_command(" $command_line"), "r");
- 		}else{
- 			fwrite(rrd_get_fd($rrd_struc, RRDTOOL_PIPE_CHILD_READ), escape_command(" $command_line") . "\r\n");
-@@ -91,6 +92,7 @@
- 	}elseif ($config["cacti_server_os"] == "win32") {
- 		/* an empty $rrd_struc array means no fp is available */
- 		if (sizeof($rrd_struc) == 0) {
-+			session_write_close();
- 			$fp = popen(read_config_option("path_rrdtool") . escape_command(" $command_line"), "rb");
- 		}else{
- 			fwrite(rrd_get_fd($rrd_struc, RRDTOOL_PIPE_CHILD_READ), escape_command(" $command_line") . "\r\n");
diff --git a/ping_php_version4_snmpgetnext.patch b/ping_php_version4_snmpgetnext.patch
deleted file mode 100644
index 10576f6..0000000
--- a/ping_php_version4_snmpgetnext.patch
+++ /dev/null
@@ -1,42 +0,0 @@
---- cacti-0.8.6j/lib/ping.php	2007-01-17 19:23:10.000000000 -0500
-+++ cacti-0.8.6j-patch/lib/ping.php	2007-01-20 19:45:55.015625000 -0500
-@@ -281,7 +281,13 @@
- 
- 		/* poll sysUptime for status */
- 		$retry_count = 0;
-+
-+		/* getnext does not work in php versions less than 5 */
-+		if (version_compare("5", phpversion(), "<")) {
- 		$oid = ".1";
-+		}else{
			$oid = ".1.3.6.1.2.1.1.3.0";
-+		}
-+
- 		while (1) {
- 			if ($retry_count >= $this->retries) {
- 				$this->snmp_status   = "down";
-@@ -289,6 +295,8 @@
- 				return false;
- 			}
- 
-+			/* getnext does not work in php versions less than 5 */
-+			if (version_compare("5", phpversion(), "<")) {
- 			$output = cacti_snmp_getnext($this->host["hostname"],
- 				$this->host["snmp_community"],
- 				$oid,
-@@ -298,6 +306,16 @@
- 				$this->host["snmp_port"],
- 				$this->host["snmp_timeout"],
- 				SNMP_CMDPHP);
-+			}else{
				$output = cacti_snmp_get($this->host["hostname"],
-+					$this->host["snmp_community"],
-+					$oid,
-+					$this->host["snmp_version"],
-+					$this->host["snmp_username"],
-+					$this->host["snmp_password"],
-+					$this->host["snmp_port"],
-+					$this->host["snmp_timeout"],
-+					SNMP_CMDPHP);
-+			}
- 
- 			/* determine total time +- ~10% */
- 			$this->time = $this->get_time($this->precision);
diff --git a/snmpwalk_fix.patch b/snmpwalk_fix.patch
deleted file mode 100644
index 9661ac6..0000000
--- a/snmpwalk_fix.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-diff -ruBbd cacti-0.8.6j/lib/snmp.php cacti-0.8.6j-patched/lib/snmp.php
---- cacti-0.8.6j/lib/snmp.php	2007-01-17 19:23:10.000000000 -0500
-+++ cacti-0.8.6j-patched/lib/snmp.php	2007-05-15 21:26:14.000000000 -0400
-@@ -221,9 +219,9 @@
- 			$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -v$version -t $timeout -r $retries $hostname:$port $snmp_auth $oid");
- 		}else {
- 			if (file_exists($path_snmpbulkwalk) && ($version > 1)) {
--				$temp_array = exec_into_array($path_snmpbulkwalk . " -O n $snmp_auth -v $version -t $timeout -r $retries -Cr50 $hostname:$port $oid");
-+				$temp_array = exec_into_array($path_snmpbulkwalk . " -O Qn $snmp_auth -v $version -t $timeout -r $retries -Cr50 $hostname:$port $oid");
- 			}else{
--				$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -O n $snmp_auth -v $version -t $timeout -r $retries $hostname:$port $oid");
-+				$temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -O Qn $snmp_auth -v $version -t $timeout -r $retries $hostname:$port $oid");
- 			}
- 		}
- 
diff --git a/sources b/sources
index 57cb59e..4d4cbe5 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-d28e8f9fd4b657c2ad79c4bcf1e3694d  cacti-0.8.7.tar.gz
+7d298e496058ec91f6d1ecdc97e0cca5  cacti-0.8.7a.tar.gz
diff --git a/thumbnail_graphs_not_working.patch b/thumbnail_graphs_not_working.patch
deleted file mode 100644
index badb558..0000000
--- a/thumbnail_graphs_not_working.patch
+++ /dev/null
@@ -1,20 +0,0 @@
---- cacti-0.8.6j/lib/rrd.php	2007-01-17 19:23:10.000000000 -0500
-+++ cacti-0.8.6j-patch/lib/rrd.php	2007-02-01 20:29:59.687500000 -0500
-@@ -1080,9 +1080,15 @@
- 
- 		if ($graph_item_types{$graph_item["graph_type_id"]} == "COMMENT") {
- 			if (read_config_option("rrdtool_version") == "rrd-1.2.x") {
--				$txt_graph_items .= $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . str_replace(":", "\:", $graph_variables["text_format"][$graph_item_id]) . $hardreturn[$graph_item_id] . "\" ";
-+				$comment_string = $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . str_replace(":", "\:", $graph_variables["text_format"][$graph_item_id]) . $hardreturn[$graph_item_id] . "\" ";
-+				if (trim($comment_string) != "COMMENT:\"\"") {
-+					$txt_graph_items .= $comment_string;
-+				}
- 			}else {
--				$txt_graph_items .= $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . $graph_variables["text_format"][$graph_item_id] . $hardreturn[$graph_item_id] . "\" ";
-+				$comment_string = $graph_item_types{$graph_item["graph_type_id"]} . ":\"" . $graph_variables["text_format"][$graph_item_id] . $hardreturn[$graph_item_id] . "\" ";
-+				if (trim($comment_string) != "COMMENT:\"\"") {
-+					$txt_graph_items .= $comment_string;
-+				}
- 			}
- 		}elseif (($graph_item_types{$graph_item["graph_type_id"]} == "GPRINT") && (!isset($graph_data_array["graph_nolegend"]))) {
- 			$graph_variables["text_format"][$graph_item_id] = str_replace(":", "\:", $graph_variables["text_format"][$graph_item_id]); /* escape colons */
diff --git a/tree_console_missing_hosts.patch b/tree_console_missing_hosts.patch
deleted file mode 100644
index dde7a00..0000000
--- a/tree_console_missing_hosts.patch
+++ /dev/null
@@ -1,20 +0,0 @@
---- cacti-0.8.6j/lib/html_tree.php	2007-01-17 19:23:10.000000000 -0500
-+++ cacti-0.8.6j-patch/lib/html_tree.php	2007-01-27 15:48:50.390625000 -0500
-@@ -328,7 +328,7 @@
- 	while ($i > 1) {
- 		$i--;
- 
--		$parent_tier = substr($tier_string, 0, $i * CHARS_PER_TIER);
-+		$parent_tier = tree_tier_string(substr($tier_string, 0, $i * CHARS_PER_TIER));
- 		$parent_variable = "sess_tree_leaf_expand_" . $leaf["graph_tree_id"] . "_" . $parent_tier;
- 
- 		$effective = @$_SESSION[$parent_variable];
-@@ -365,8 +365,6 @@
-    @returns - the string representing the leaf position
- */
- function tree_tier_string($order_key, $chars_per_tier = CHARS_PER_TIER) {
--	$root_test = str_pad('', $chars_per_tier, '0');
--
- 	$new_string = preg_replace("/0+$/",'',$order_key);
- 
- 	return $new_string;

From fd5d087c743471cd2ca9f9b41585edb28432ba36 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Fri, 23 Nov 2007 17:58:11 +0000
Subject: [PATCH 09/31] changed permissions on db.php - #396331

---
 cacti.spec | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cacti.spec b/cacti.spec
index 1545bbd..bddb46e 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7a
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -82,7 +82,7 @@ fi
 %config(noreplace) %{_sysconfdir}/cron.d/cacti
 %config(noreplace) %{_sysconfdir}/httpd/conf.d/cacti.conf
 %config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
-%attr(0660,cacti,apache) %config(noreplace) %{_sysconfdir}/%{name}/db.php
+%attr(0640,cacti,apache) %config(noreplace) %{_sysconfdir}/%{name}/db.php
 %{_datadir}/%{name}/*.php
 %{_datadir}/%{name}/images/
 %{_datadir}/%{name}/include/
@@ -100,6 +100,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Fri Nov 23 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7a-2
+- db.php is now 640 instead of 660 - #396331
+
 * Tue Nov 20 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7a-1
 - Upstream released new version
 - Fixes for bug #391691 - CVE-2007-6035

From cdfb187d201167e58de3f0df4ffd25842df5d032 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Thu, 14 Feb 2008 14:15:00 +0000
Subject: [PATCH 10/31] Upstream released new version. Includes security fixes

---
 .cvsignore | 2 +-
 cacti.spec | 7 +++++--
 sources    | 2 +-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/.cvsignore b/.cvsignore
index 9cdcf2c..9d762f6 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-cacti-0.8.7a.tar.gz
+cacti-0.8.7b.tar.gz
diff --git a/cacti.spec b/cacti.spec
index bddb46e..87d2b1f 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
-Version: 0.8.7a
-Release: 2%{?dist}
+Version: 0.8.7b
+Release: 1%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -100,6 +100,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Thu Nov 14 2008 Mike McGrath <mmcgrath@redhat.com> - 0.8.7b-1
+- Upstream released new version
+
 * Fri Nov 23 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7a-2
 - db.php is now 640 instead of 660 - #396331
 
diff --git a/sources b/sources
index 4d4cbe5..3c0dd35 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-7d298e496058ec91f6d1ecdc97e0cca5  cacti-0.8.7a.tar.gz
+63ffca5735b60bc33c68bc880f0e8042  cacti-0.8.7b.tar.gz

From 30a17f0fdc8a67885f0e15d77be04e52346fd592 Mon Sep 17 00:00:00 2001
From: Michael Schwendt <mschwendt@fedoraproject.org>
Date: Sun, 9 Mar 2008 02:43:59 +0000
Subject: [PATCH 11/31] fix date in last changelog entry -- RPM complains about
 it

---
 cacti.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cacti.spec b/cacti.spec
index 87d2b1f..7dbb7f0 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -100,7 +100,7 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
-* Thu Nov 14 2008 Mike McGrath <mmcgrath@redhat.com> - 0.8.7b-1
+* Thu Feb 14 2008 Mike McGrath <mmcgrath@redhat.com> - 0.8.7b-1
 - Upstream released new version
 
 * Fri Nov 23 2007 Mike McGrath <mmcgrath@redhat.com> - 0.8.7a-2

From 269f960f332623b836eb7e90b8fae49fcef61600 Mon Sep 17 00:00:00 2001
From: Tom Callaway <spot@fedoraproject.org>
Date: Tue, 15 Jul 2008 14:16:16 +0000
Subject: [PATCH 12/31] fix license tag

---
 cacti.spec | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/cacti.spec b/cacti.spec
index 7dbb7f0..71c89d4 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,10 +1,11 @@
 Name: cacti
 Version: 0.8.7b
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
-License: GPL
+# There's a lot of stuff in there. It's all compatible.
+License: GPLv2+ and LGPLv2 and (MPL 1.1 or GPLv2 or LGPLv2) and (LGPLv2 or BSD)
 URL: http://www.cacti.net/
 Source0: http://www.cacti.net/downloads/%{name}-%{version}.tar.gz
 Source1: cacti-httpd.conf
@@ -100,6 +101,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Tue Jul 15 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.8.7b-2
+- fix license tag
+
 * Thu Feb 14 2008 Mike McGrath <mmcgrath@redhat.com> - 0.8.7b-1
 - Upstream released new version
 

From 0f5150566f1637321455c803ff492dfd602a0111 Mon Sep 17 00:00:00 2001
From: Tom Callaway <spot@fedoraproject.org>
Date: Fri, 18 Jul 2008 15:02:56 +0000
Subject: [PATCH 13/31] fix my license tag mistake

---
 cacti.spec | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cacti.spec b/cacti.spec
index 71c89d4..64d46be 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,11 +1,11 @@
 Name: cacti
 Version: 0.8.7b
-Release: 2%{?dist}
+Release: 3%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
 # There's a lot of stuff in there. It's all compatible.
-License: GPLv2+ and LGPLv2 and (MPL 1.1 or GPLv2 or LGPLv2) and (LGPLv2 or BSD)
+License: GPLv2+ and LGPLv2 and (MPLv1.1 or GPLv2 or LGPLv2) and (LGPLv2 or BSD)
 URL: http://www.cacti.net/
 Source0: http://www.cacti.net/downloads/%{name}-%{version}.tar.gz
 Source1: cacti-httpd.conf
@@ -101,6 +101,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Fri Jul 18 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.8.7b-3
+- fix my own mistake in the license tag
+
 * Tue Jul 15 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.8.7b-2
 - fix license tag
 

From dd926f29e2503de04998af57a0789c7b341cbee7 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Mon, 28 Jul 2008 17:38:04 +0000
Subject: [PATCH 14/31] added cli directories

---
 cacti.spec | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/cacti.spec b/cacti.spec
index 64d46be..b052091 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7b
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -44,6 +44,8 @@ rm -rf %{buildroot}
 %{__install} -d -m 0755 rra/ %{buildroot}/%{_localstatedir}/lib/%{name}/rra/
 %{__install} -d -m 0755 scripts/ %{buildroot}/%{_localstatedir}/lib//%{name}/scripts/
 %{__install} -m 0755 scripts/* %{buildroot}/%{_localstatedir}/lib/%{name}/scripts/
+%{__install} -d -m 0755 cli/ %{buildroot}/%{_localstatedir}/lib//%{name}/cli/
+%{__install} -m 0755 cli/* %{buildroot}/%{_localstatedir}/lib/%{name}/cli/
 %{__install} -D -m 0644 cacti.cron %{buildroot}/%{_sysconfdir}/cron.d/cacti
 %{__install} -D -m 0644 %{SOURCE1} %{buildroot}/%{_sysconfdir}/httpd/conf.d/cacti.conf
 %{__install} -D -m 0644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/logrotate.d/cacti
@@ -97,10 +99,14 @@ fi
 %attr(-,cacti,apache) %{_localstatedir}/log/%{name}/
 %attr(-,cacti,root) %{_localstatedir}/lib/%{name}/rra/
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/scripts/*php
+%attr(0644,root,root) %{_localstatedir}/lib/%{name}/cli/*php
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/include
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Mon Jul 28 2008 Mike McGrath <mmcgrath@redhat.com> - 0.8.7b-4
+- Added cli directory
+
 * Fri Jul 18 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.8.7b-3
 - fix my own mistake in the license tag
 

From fc10235de914d41eaa40db729afb5c563295360d Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Sat, 21 Feb 2009 15:33:45 +0000
Subject: [PATCH 15/31] updated cacti to latest version

---
 .cvsignore | 2 +-
 cacti.spec | 7 +++++--
 sources    | 2 +-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/.cvsignore b/.cvsignore
index 9d762f6..af1b4f2 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-cacti-0.8.7b.tar.gz
+cacti-0.8.7d.tar.gz
diff --git a/cacti.spec b/cacti.spec
index b052091..5d3a94b 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
-Version: 0.8.7b
-Release: 4%{?dist}
+Version: 0.8.7d
+Release: 1%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -104,6 +104,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Sat Feb 21 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7d-1
+- Upstream released new version
+
 * Mon Jul 28 2008 Mike McGrath <mmcgrath@redhat.com> - 0.8.7b-4
 - Added cli directory
 
diff --git a/sources b/sources
index 3c0dd35..bc380c5 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-63ffca5735b60bc33c68bc880f0e8042  cacti-0.8.7b.tar.gz
+0822068bfa547278e94d3143ef9279e0  cacti-0.8.7d.tar.gz

From e868bc891bd803a5fd8d5f426d8a9a0bfc5bb5d9 Mon Sep 17 00:00:00 2001
From: Jesse Keating <jkeating@fedoraproject.org>
Date: Tue, 24 Feb 2009 06:23:46 +0000
Subject: [PATCH 16/31] - Rebuilt for
 https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

---
 cacti.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cacti.spec b/cacti.spec
index 5d3a94b..c04a2ba 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7d
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -104,6 +104,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7d-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
 * Sat Feb 21 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7d-1
 - Upstream released new version
 

From 35150cb6015f399c9a34d373bc8210252bd79da1 Mon Sep 17 00:00:00 2001
From: Michael Schwendt <mschwendt@fedoraproject.org>
Date: Tue, 31 Mar 2009 20:11:13 +0000
Subject: [PATCH 17/31] - Fix unowned cli directory (#473631)

---
 cacti.spec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/cacti.spec b/cacti.spec
index c04a2ba..bbab009 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7d
-Release: 2%{?dist}
+Release: 3%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -80,6 +80,7 @@ fi
 %dir %{_sysconfdir}/%{name}
 %dir %{_datadir}/%{name}
 %dir %{_localstatedir}/lib/%{name}
+%dir %{_localstatedir}/lib/%{name}/cli
 %dir %{_localstatedir}/lib/%{name}/scripts
 %doc docs/ README LICENSE cacti.sql
 %config(noreplace) %{_sysconfdir}/cron.d/cacti
@@ -104,6 +105,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Tue Mar 31 2009 Michael Schwendt <mschwendt@fedoraproject.org> - 0.8.7d-3
+- Fix unowned cli directory (#473631)
+
 * Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7d-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
 

From f73d616e74e1cd5972c1063d0e8dfc99c0b52d92 Mon Sep 17 00:00:00 2001
From: Jesse Keating <jkeating@fedoraproject.org>
Date: Fri, 24 Jul 2009 18:35:38 +0000
Subject: [PATCH 18/31] - Rebuilt for
 https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

---
 cacti.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cacti.spec b/cacti.spec
index bbab009..376d024 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7d
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -105,6 +105,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7d-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
 * Tue Mar 31 2009 Michael Schwendt <mschwendt@fedoraproject.org> - 0.8.7d-3
 - Fix unowned cli directory (#473631)
 

From 563e9d23c6b13df415e8ae8443905cd822cf6f5d Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Mon, 17 Aug 2009 02:00:42 +0000
Subject: [PATCH 19/31] upstream released new version

---
 .cvsignore | 2 +-
 cacti.spec | 7 +++++--
 sources    | 2 +-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/.cvsignore b/.cvsignore
index af1b4f2..3231818 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-cacti-0.8.7d.tar.gz
+cacti-0.8.7e.tar.gz
diff --git a/cacti.spec b/cacti.spec
index 376d024..69195f6 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
-Version: 0.8.7d
-Release: 4%{?dist}
+Version: 0.8.7e
+Release: 1%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -105,6 +105,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Sun Aug 16 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-1
+- Upstream released new version
+
 * Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7d-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
 
diff --git a/sources b/sources
index bc380c5..c43e0c1 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-0822068bfa547278e94d3143ef9279e0  cacti-0.8.7d.tar.gz
+7563a58a57d2c6cc0da28cc341a30969  cacti-0.8.7e.tar.gz

From f013a0e0bf0577ad6adbc71ae74b5151bfa6ddd0 Mon Sep 17 00:00:00 2001
From: Bill Nottingham <notting@fedoraproject.org>
Date: Wed, 25 Nov 2009 22:47:28 +0000
Subject: [PATCH 20/31] Fix typo that causes a failure to update the common
 directory. (releng     #2781)

---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 38a8b2e..e8315b1 100644
--- a/Makefile
+++ b/Makefile
@@ -4,7 +4,7 @@ NAME := cacti
 SPECFILE = $(firstword $(wildcard *.spec))
 
 define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
 endef
 
 MAKEFILE_COMMON := $(shell $(find-makefile-common))

From 58f490ff91c6beebf4bd674627b614ad132a281e Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Tue, 1 Dec 2009 14:59:05 +0000
Subject: [PATCH 21/31] Applying upstream patches

---
 cacti.spec | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/cacti.spec b/cacti.spec
index 69195f6..f9ea08c 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7e
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -11,6 +11,11 @@ Source0: http://www.cacti.net/downloads/%{name}-%{version}.tar.gz
 Source1: cacti-httpd.conf
 Source2: cacti.logrotate
 Source3: cacti.README.Fedora
+Patch0: cli_add_graph.patch
+Patch1: snmp_invalid_response.patch
+Patch2: template_duplication.patch
+Patch3: cross_site_fix.patchcross_site_fix.patch
+
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -30,6 +35,10 @@ used to creating traffic graphs with MRTG.
 
 %prep
 %setup -q
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
 
 echo "#*/5 * * * *	cacti	%{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
 
@@ -105,6 +114,11 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Tue Dec  1 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-2
+- Pulling in some official patches
+- #541279
+- #541962
+
 * Sun Aug 16 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-1
 - Upstream released new version
 

From 13672f07ef98253854376aa3707ce90e6038177c Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Tue, 1 Dec 2009 14:59:24 +0000
Subject: [PATCH 22/31] Adding upstream patches

---
 cli_add_graph.patch         |  11 ++
 cross_site_fix.patch        | 175 +++++++++++++++++++++++++++
 snmp_invalid_response.patch |  25 ++++
 template_duplication.patch  | 234 ++++++++++++++++++++++++++++++++++++
 4 files changed, 445 insertions(+)
 create mode 100644 cli_add_graph.patch
 create mode 100644 cross_site_fix.patch
 create mode 100644 snmp_invalid_response.patch
 create mode 100644 template_duplication.patch

diff --git a/cli_add_graph.patch b/cli_add_graph.patch
new file mode 100644
index 0000000..b82d21a
--- /dev/null
+++ b/cli_add_graph.patch
@@ -0,0 +1,11 @@
+--- ../tags/0.8.7e/cli/add_graphs.php	2009-06-28 12:34:31.000000000 -0400
++++ 0.8.7/cli/add_graphs.php	2009-08-18 20:04:44.000000000 -0400
+@@ -570,7 +570,7 @@
+ 	echo "                    3|Fields = Verify all Fields\n";
+ 	echo "List Options:\n";
+ 	echo "    --list-hosts\n";
+-	echo "    --list-graph-templates [--host_template=[ID]]\n";
++	echo "    --list-graph-templates [--host-template-id=[ID]]\n";
+ 	echo "    --list-input-fields --graph-template-id=[ID]\n";
+ 	echo "    --list-snmp-queries\n";
+ 	echo "    --list-query-types  --snmp-query-id [ID]\n";
diff --git a/cross_site_fix.patch b/cross_site_fix.patch
new file mode 100644
index 0000000..ddc9e2e
--- /dev/null
+++ b/cross_site_fix.patch
@@ -0,0 +1,175 @@
+--- cacti-0.8.7e/graph.php	2009-06-28 12:07:11.000000000 -0400
++++ cacti-0.8.7e-patched/graph.php	2009-11-21 23:10:16.000000000 -0500
+@@ -35,6 +35,8 @@
+ /* ================= input validation ================= */
+ input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+|all)$");
+ input_validate_input_number(get_request_var("local_graph_id"));
++input_validate_input_number(get_request_var("graph_end"));
++input_validate_input_number(get_request_var("graph_start"));
+ input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$");
+ /* ==================================================== */
+ 
+--- cacti-0.8.7e/include/top_graph_header.php	2009-06-28 12:07:11.000000000 -0400
++++ cacti-0.8.7e-patched/include/top_graph_header.php	2009-11-21 23:15:27.000000000 -0500
+@@ -58,7 +58,7 @@
+ 		if ($_SESSION["custom"]) {
+ 			print "<meta http-equiv=refresh content='99999'>\r\n";
+ 		}else{
+-			print "<meta http-equiv=refresh content='" . read_graph_config_option("page_refresh") . "'>\r\n";
++			print "<meta http-equiv=refresh content='" . htmlspecialchars(read_graph_config_option("page_refresh"),ENT_QUOTES) . "'>\r\n";
+ 		}
+ 	}
+ 	?>
+@@ -113,7 +113,7 @@
+ 	</tr>
+ 	<tr class="noprint">
+ 		<td bgcolor="#efefef" colspan="1" height="8" style="background-image: url(images/shadow_gray.gif); background-repeat: repeat-x; border-right: #aaaaaa 1px solid;">
+-			<img src="images/transparent_line.gif" width="<?php print read_graph_config_option("default_dual_pane_width");?>" height="2" border="0"><br>
++			<img src="images/transparent_line.gif" width="<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>" height="2" border="0"><br>
+ 		</td>
+ 		<td bgcolor="#ffffff" colspan="1" height="8" style="background-image: url(images/shadow.gif); background-repeat: repeat-x;">
+ 
+@@ -144,7 +144,7 @@
+ 
+ 	<tr>
+ 		<?php if ((read_graph_config_option("default_tree_view_mode") == "2") && (($_REQUEST["action"] == "tree") || ((isset($_REQUEST["view_type"]) ? $_REQUEST["view_type"] : "") == "tree"))) { ?>
+-		<td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print read_graph_config_option("default_dual_pane_width");?>' class='noprint'>
++		<td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>' class='noprint'>
+ 			<table border=0 cellpadding=0 cellspacing=0><tr><td><font size=-2><a style="font-size:7pt;text-decoration:none;color:silver" href="http://www.treemenu.net/" target=_blank></a></font></td></tr></table>
+ 			<?php grow_dhtml_trees(); ?>
+ 			<script type="text/javascript">initializeDocument();</script>
+--- cacti-0.8.7e/lib/html_form.php	2009-06-28 12:07:11.000000000 -0400
++++ cacti-0.8.7e-patched/lib/html_form.php	2009-11-21 23:15:40.000000000 -0500
+@@ -235,13 +235,21 @@
+ 
+ 		if (sizeof($items) > 0) {
+ 		foreach ($items as $item) {
+-			print $item["name"] . "<br>";
++			print htmlspecialchars($item["name"],ENT_QUOTES) . "<br>";
+ 		}
+ 		}
+ 
+ 		break;
++	case 'font':
++		form_font_box($field_name, $field_array["value"],
++			((isset($field_array["default"])) ? $field_array["default"] : ""),
++			$field_array["max_length"],
++			((isset($field_array["size"])) ? $field_array["size"] : "40"), "text",
++			((isset($field_array["form_id"])) ? $field_array["form_id"] : ""));
++
++		break;
+ 	default:
+-		print "<em>" . $field_array["value"] . "</em>";
++		print "<em>" . htmlspecialchars($field_array["value"],ENT_QUOTES) . "</em>";
+ 
+ 		form_hidden_box($field_name, $field_array["value"], "");
+ 
+@@ -384,7 +392,7 @@
+ 		$form_previous_value = $form_default_value;
+ 	}
+ 
+-	print "<input type='hidden' id='$form_name' name='$form_name' value='$form_previous_value'>\n";
++	print "<input type='hidden' id='$form_name' name='$form_name' value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>\n";
+ }
+ 
+ /* form_dropdown - draws a standard html dropdown box
+@@ -568,7 +576,7 @@
+ 			}
+ 		}
+ 
+-		print ">". $array_display[$id];
++		print ">". htmlspecialchars($array_display[$id],ENT_QUOTES);
+ 		print "</option>\n";
+ 	}
+ 
+@@ -627,6 +635,65 @@
+ 	print "</select>\n";
+ }
+ 
++/* form_font_box - draws a standard html textbox and provides status of a fonts existence
++   @arg $form_name - the name of this form element
++   @arg $form_previous_value - the current value of this form element
++   @arg $form_default_value - the value of this form element to use if there is
++     no current value available
++   @arg $form_max_length - the maximum number of characters that can be entered
++     into this textbox
++   @arg $form_size - the size (width) of the textbox
++   @arg $type - the type of textbox, either 'text' or 'password'
++   @arg $current_id - used to determine if a current value for this form element
++     exists or not. a $current_id of '0' indicates that no current value exists,
++     a non-zero value indicates that a current value does exist */
++function form_font_box($form_name, $form_previous_value, $form_default_value, $form_max_length, $form_size = 30, $type = "text", $current_id = 0) {
++	if (($form_previous_value == "") && (empty($current_id))) {
++		$form_previous_value = $form_default_value;
++	}
++
++	print "<input type='$type'";
++
++	if (isset($_SESSION["sess_error_fields"])) {
++		if (!empty($_SESSION["sess_error_fields"][$form_name])) {
++			print "class='txtErrorTextBox'";
++			unset($_SESSION["sess_error_fields"][$form_name]);
++		}
++	}
++
++	if (isset($_SESSION["sess_field_values"])) {
++		if (!empty($_SESSION["sess_field_values"][$form_name])) {
++			$form_previous_value = $_SESSION["sess_field_values"][$form_name];
++		}
++	}
++
++	if (strlen($form_previous_value) == 0) { # no data: defaults are used; everythings fine
++			$extra_data = "";
++	} else {
++		if (read_config_option("rrdtool_version") == "rrd-1.3.x") {	# rrdtool 1.3 uses fontconfig
++			$font = '"' . $form_previous_value . '"';
++			$out_array = array();
++			exec('fc-list ' . $font, $out_array);
++			if (sizeof($out_array) == 0) {
++				$extra_data = "<span style='color:red'><br>[" . "ERROR: FONT NOT FOUND" . "]</span>";
++			} else {
++				$extra_data = "<span style='color:green'><br>[" . "OK: FONT FOUND" . "]</span>";
++			}
++		} elseif (read_config_option("rrdtool_version") == "rrd-1.0.x" ||
++				  read_config_option("rrdtool_version") == "rrd-1.2.x") { # rrdtool 1.0 and 1.2 use font files
++			if (is_file($form_previous_value)) {
++				$extra_data = "<span style='color:green'><br>[" . "OK: FILE FOUND" . "]</span>";
++			}else if (is_dir($form_previous_value)) {
++				$extra_data = "<span style='color:red'><br>[" . "ERROR: IS DIR" . "]</span>";
++			}else{
++				$extra_data = "<span style='color:red'><br>[" . "ERROR: FILE NOT FOUND" . "]</span>";
++			}
++		} # will be used for future versions of rrdtool
++	}
++
++	print " id='$form_name' name='$form_name' size='$form_size'" . (!empty($form_max_length) ? " maxlength='$form_max_length'" : "") . " value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>" . $extra_data;
++}
++
+ /* form_confirm - draws a table presenting the user with some choice and allowing
+      them to either proceed (delete) or cancel
+    @arg $body_text - the text to prompt the user with on this form
+--- cacti-0.8.7e/lib/timespan_settings.php	2009-06-28 12:07:11.000000000 -0400
++++ cacti-0.8.7e-patched/lib/timespan_settings.php	2009-11-21 23:15:49.000000000 -0500
+@@ -125,9 +125,9 @@
+ 	if (isset($_POST["date1"])) {
+ 		/* the dates have changed, therefore, I am now custom */
+ 		if (($_SESSION["sess_current_date1"] != $_POST["date1"]) || ($_SESSION["sess_current_date2"] != $_POST["date2"])) {
+-			$timespan["current_value_date1"] = $_POST["date1"];
++			$timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
+ 			$timespan["begin_now"] =strtotime($timespan["current_value_date1"]);
+-			$timespan["current_value_date2"] = $_POST["date2"];
++			$timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
+ 			$timespan["end_now"]=strtotime($timespan["current_value_date2"]);
+ 			$_SESSION["sess_current_timespan"] = GT_CUSTOM;
+ 			$_SESSION["custom"] = 1;
+@@ -135,8 +135,8 @@
+ 		}else {
+ 			/* the default button wasn't pushed */
+ 			if (!isset($_POST["button_clear_x"])) {
+-				$timespan["current_value_date1"] = $_POST["date1"];
+-				$timespan["current_value_date2"] = $_POST["date2"];
++				$timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
++				$timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
+ 				$timespan["begin_now"] = $_SESSION["sess_current_timespan_begin_now"];
+ 				$timespan["end_now"] = $_SESSION["sess_current_timespan_end_now"];
+ 
diff --git a/snmp_invalid_response.patch b/snmp_invalid_response.patch
new file mode 100644
index 0000000..5b2dd20
--- /dev/null
+++ b/snmp_invalid_response.patch
@@ -0,0 +1,25 @@
+--- ../tags/0.8.7e/include/global_arrays.php	2009-06-28 12:34:31.000000000 -0400
++++ 0.8.7/include/global_arrays.php	2009-08-18 20:04:44.000000000 -0400
+@@ -174,6 +174,10 @@
+ 	"DES" => "DES (default)",
+ 	"AES128" => "AES");
+ 
++$banned_snmp_strings = array(
++	"End of MIB",
++	"No Such");
++
+ $logfile_options = array(1 =>
+ 	"Logfile Only",
+ 	"Logfile and Syslog/Eventlog",
+--- ../tags/0.8.7e/lib/snmp.php	2009-06-28 12:34:30.000000000 -0400
++++ 0.8.7/lib/snmp.php	2009-08-18 20:04:44.000000000 -0400
+@@ -27,9 +27,6 @@
+ define("SNMP_METHOD_PHP", 1);
+ define("SNMP_METHOD_BINARY", 2);
+ 
+-/* declare once, use many times */
+-$banned_snmp_strings = array("End of MIB", "No Such");
+-
+ /* we must use an apostrophe to escape community names under Unix in case the user uses
+ characters that the shell might interpret. the ucd-snmp binaries on Windows flip out when
+ you do this, but are perfectly happy with a quotation mark. */
diff --git a/template_duplication.patch b/template_duplication.patch
new file mode 100644
index 0000000..cd6ff4b
--- /dev/null
+++ b/template_duplication.patch
@@ -0,0 +1,234 @@
+diff -ruBbd 0.8.7e/cli/repair_templates.php 0.8.7/cli/repair_templates.php
+--- 0.8.7e/cli/repair_templates.php	2009-08-18 22:03:22.000000000 -0400
++++ 0.8.7/cli/repair_templates.php	2009-08-20 07:43:54.000000000 -0400
+@@ -0,0 +1,135 @@
++<?php
++/*
++ +-------------------------------------------------------------------------+
++ | Copyright (C) 2004-2009 The Cacti Group                                 |
++ |                                                                         |
++ | This program is free software; you can redistribute it and/or           |
++ | modify it under the terms of the GNU General Public License             |
++ | as published by the Free Software Foundation; either version 2          |
++ | of the License, or (at your option) any later version.                  |
++ |                                                                         |
++ | This program is distributed in the hope that it will be useful,         |
++ | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
++ | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
++ | GNU General Public License for more details.                            |
++ +-------------------------------------------------------------------------+
++ | Cacti: The Complete RRDTool-based Graphing Solution                     |
++ +-------------------------------------------------------------------------+
++ | This code is designed, written, and maintained by the Cacti Group. See  |
++ | about.php and/or the AUTHORS file for specific developer information.   |
++ +-------------------------------------------------------------------------+
++ | http://www.cacti.net/                                                   |
++ +-------------------------------------------------------------------------+
++*/
++
++/* do NOT run this script through a web browser */
++if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
++	die("<br><strong>This script is only meant to run at the command line.</strong>");
++}
++
++$no_http_headers = true;
++
++include(dirname(__FILE__) . "/../include/global.php");
++include_once("../lib/utility.php");
++include_once("../lib/template.php");
++
++/* process calling arguments */
++$parms = $_SERVER["argv"];
++array_shift($parms);
++
++$execute = FALSE;
++
++foreach($parms as $parameter) {
++	@list($arg, $value) = @explode("=", $parameter);
++
++	switch ($arg) {
++	case "--execute":
++		$execute = TRUE;
++		break;
++	case "-h":
++	case "-v":
++	case "-V":
++	case "--version":
++	case "--help":
++		display_help();
++		exit;
++	default:
++		print "ERROR: Invalid Parameter " . $parameter . "\n\n";
++		display_help();
++		exit;
++	}
++}
++
++if ($execute) {
++	echo "NOTE: Repairing All Duplicated Templates\n";
++} else {
++	echo "NOTE: Performing Check of Templates\n";
++}
++
++/* repair data templates first */
++if ($execute) {
++	echo "NOTE: Repairing Data Templates\n";
++} else {
++	echo "NOTE: Performing Check of Data Templates\n";
++}
++
++$damaged_template_ids = db_fetch_assoc("SELECT DISTINCT data_template_id FROM data_template_rrd WHERE hash='' AND local_data_id=0");
++if (sizeof($damaged_template_ids)) {
++	foreach($damaged_template_ids as $id) {
		$template_name = db_fetch_cell("SELECT name FROM data_template WHERE id=" . $id["data_template_id"]);
++		echo "NOTE: Data Template '$template_name' is Damaged and can be repaired\n";
++	}
++
++	$damaged_templates = db_fetch_assoc("SELECT * FROM data_template_rrd WHERE hash='' AND local_data_id=0");
++	if (sizeof($damaged_templates)) {
++		echo "NOTE: -- Damaged Data Templates Objects Found is '" . sizeof($damaged_templates) . "'\n";
++		if ($execute) {
++			foreach($damaged_templates as $template) {
++				$hash = get_hash_data_template($template["local_data_template_rrd_id"], "data_template_item");
++				db_execute("UPDATE data_template_rrd SET hash='$hash' WHERE id=" . $template["id"]);
++			}
++		}
++	}
++} else {
++	echo "NOTE: No Damaged Data Templates Found\n";
++}
++
++/* reset the array */
++$damaged_templates = array();
++
++/* repair graph templates */
++if ($execute) {
++	echo "NOTE: Repairing Graph Templates\n";
++} else {
++	echo "NOTE: Performing Check of Graph Templates\n";
++}
++
++$damaged_template_ids = db_fetch_assoc("SELECT DISTINCT graph_template_id FROM graph_template_input WHERE hash=''");
++if (sizeof($damaged_template_ids)) {
++	foreach($damaged_template_ids as $id) {
++		$template_name = db_fetch_cell("SELECT name FROM graph_templates WHERE id=" . $id["graph_template_id"]);
++		echo "NOTE: Graph Template '$template_name' is Damaged and can be repaired\n";
++	}
++
++	$damaged_templates = db_fetch_assoc("SELECT * FROM graph_template_input WHERE hash=''");
++	if (sizeof($damaged_templates)) {
++		echo "NOTE: -- Damaged Graph Templates Objects Found is '" . sizeof($damaged_templates) . "'\n";
++		if ($execute) {
++			foreach($damaged_templates as $template) {
++				$hash = get_hash_graph_template(0, "graph_template_input");
++				db_execute("UPDATE graph_template_input SET hash='$hash' WHERE id=" . $template["id"]);
++			}
++		}
++	}
++} else {
++	echo "NOTE: No Damaged Graph Templates Found\n";
++}
++
++
++/* display_help - displays the usage of the function */
++function display_help () {
++	print "Cacti Database Template Repair Tool v1.0, Copyright 2004-2009 - The Cacti Group\n\n";
++	print "usage: repair_templates.php --execute [--help]\n\n";
++	print "--execute        - Perform the repair\n";
++	print "--help           - display this help message\n";
++}
++?>
+diff -ruBbd 0.8.7e/docs/README 0.8.7/docs/README
+--- 0.8.7e/docs/README	2009-08-18 21:57:30.000000000 -0400
++++ 0.8.7/docs/README	2009-08-18 21:58:09.000000000 -0400
+@@ -90,6 +90,9 @@
+                             table
+   poller_reindex_hosts.php - Cause data query reindex on hosts
+   rebuild_poller_cache.php - Rebuilds the poller cache
++  repair_templates.php     - Certain templates, when created using the "duplicate"
++      function in Cacti, do not import/export well.  This utility repairs 
++      those templates.
+ 
+ 
+ 
+diff -ruBbd 0.8.7e/lib/export.php 0.8.7/lib/export.php
+--- 0.8.7e/lib/export.php	2009-08-18 21:56:47.000000000 -0400
++++ 0.8.7/lib/export.php	2009-08-18 21:57:50.000000000 -0400
+@@ -811,7 +811,9 @@
+ }
+ 
+ function xml_character_encode($text) {
+-
++	if (function_exists("htmlspecialchars")) {
++		return htmlspecialchars($text, ENT_QUOTES, "UTF-8");
++	} else {
+ 	$text = str_replace("&", "&amp;", $text);
+ 	$text = str_replace(">", "&gt;", $text);
+ 	$text = str_replace("<", "&lt;", $text);
+@@ -819,6 +821,7 @@
+ 	$text = str_replace("\'", "&apos;", $text);
+ 
+ 	return $text;
++	}
+ }
+ 
+ ?>
+diff -ruBbd 0.8.7e/lib/import.php 0.8.7/lib/import.php
+--- 0.8.7e/lib/import.php	2009-08-18 21:56:59.000000000 -0400
++++ 0.8.7/lib/import.php	2009-08-18 21:57:55.000000000 -0400
+@@ -36,10 +36,6 @@
+ 		return $info_array;
+ 	}
+ 
+-	if (isset($xml_array["name"])) {
+-		$xml_array["name"] = htmlspecialchars($xml_array["name"]);
+-	}
+-
+ 	while (list($hash, $hash_array) = each($xml_array)) {
+ 		/* parse information from the hash */
+ 		$parsed_hash = parse_xml_hash($hash);
+@@ -115,7 +111,7 @@
+ 	$_graph_template_id = db_fetch_cell("select id from graph_templates where hash='$hash'");
+ 	$save["id"] = (empty($_graph_template_id) ? "0" : $_graph_template_id);
+ 	$save["hash"] = $hash;
+-	$save["name"] = htmlspecialchars($xml_array["name"]);
++	$save["name"] = $xml_array["name"];
+ 	$graph_template_id = sql_save($save, "graph_templates");
+ 
+ 	$hash_cache["graph_template"][$hash] = $graph_template_id;
+@@ -914,9 +910,13 @@
+ }
+ 
+ function xml_character_decode($text) {
++	if (function_exists("html_entity_decode")) {
++		return html_entity_decode($text, ENT_QUOTES, "UTF-8");
++	} else {
+ 	$trans_tbl = get_html_translation_table(HTML_ENTITIES);
+ 	$trans_tbl = array_flip($trans_tbl);
+ 	return strtr($text, $trans_tbl);
++	}
+ }
+ 
+ ?>
+diff -ruBbd 0.8.7e/lib/utility.php 0.8.7/lib/utility.php
+--- 0.8.7e/lib/utility.php	2009-08-18 21:57:08.000000000 -0400
++++ 0.8.7/lib/utility.php	2009-08-18 21:58:00.000000000 -0400
+@@ -346,6 +346,7 @@
+ 			$save["name"] = $graph_template_input["name"];
+ 			$save["description"] = $graph_template_input["description"];
+ 			$save["column_name"] = $graph_template_input["column_name"];
++			$save["hash"]              = get_hash_graph_template(0, "graph_template_input");
+ 
+ 			$graph_template_input_id = sql_save($save, "graph_template_input");
+ 
+@@ -436,6 +437,11 @@
+ 		$save["local_data_id"] = (isset($local_data_id) ? $local_data_id : 0);
+ 		$save["local_data_template_rrd_id"] = (isset($data_template_rrd["local_data_template_rrd_id"]) ? $data_template_rrd["local_data_template_rrd_id"] : 0);
+ 		$save["data_template_id"] = (!empty($_local_data_id) ? $data_template_rrd["data_template_id"] : $data_template_id);
++		if ($save["local_data_id"] == 0) {
++			$save["hash"]                   = get_hash_data_template($data_template_rrd["local_data_template_rrd_id"], "data_template_item");
++		} else {
++			$save["hash"] = '';
++		}
+ 
+ 		while (list($field, $array) = each($struct_data_source_item)) {
+ 			$save{$field} = $data_template_rrd{$field};

From 5fdbec404eedf51a9e5f85dbabe374ebc39c4b99 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Tue, 1 Dec 2009 15:03:27 +0000
Subject: [PATCH 23/31] fixing patch name

---
 cacti.spec | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/cacti.spec b/cacti.spec
index f9ea08c..dd0d502 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -14,8 +14,7 @@ Source3: cacti.README.Fedora
 Patch0: cli_add_graph.patch
 Patch1: snmp_invalid_response.patch
 Patch2: template_duplication.patch
-Patch3: cross_site_fix.patchcross_site_fix.patch
-
+Patch3: cross_site_fix.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 

From d1905afb1b69ad960d2c78446fde7db2c42560f0 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Tue, 1 Dec 2009 15:07:10 +0000
Subject: [PATCH 24/31] release bump

---
 cacti.spec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cacti.spec b/cacti.spec
index dd0d502..1be25b8 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7e
-Release: 2%{?dist}
+Release: 3%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -113,7 +113,7 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
-* Tue Dec  1 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-2
+* Tue Dec  1 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-3
 - Pulling in some official patches
 - #541279
 - #541962

From 6bb9be2c27ef5f87c00d9b20be2f9a540b828c38 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Fri, 23 Apr 2010 13:43:21 +0000
Subject: [PATCH 25/31] Adding official patch to fix sql vulnerability

---
 cacti.spec                          |  9 ++++++++-
 sql_injection_template_export.patch | 13 +++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 sql_injection_template_export.patch

diff --git a/cacti.spec b/cacti.spec
index 1be25b8..f4efec6 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7e
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -15,6 +15,7 @@ Patch0: cli_add_graph.patch
 Patch1: snmp_invalid_response.patch
 Patch2: template_duplication.patch
 Patch3: cross_site_fix.patch
+Patch4: sql_injection_template_export.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -38,6 +39,7 @@ used to creating traffic graphs with MRTG.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 echo "#*/5 * * * *	cacti	%{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
 
@@ -113,6 +115,11 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Fri Apr 23 2010 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-4
+- Pulling in patches from upstream
+- SQL injection fix
+- BZ #541279
+
 * Tue Dec  1 2009 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-3
 - Pulling in some official patches
 - #541279
diff --git a/sql_injection_template_export.patch b/sql_injection_template_export.patch
new file mode 100644
index 0000000..397990c
--- /dev/null
+++ b/sql_injection_template_export.patch
@@ -0,0 +1,13 @@
+--- cacti-0.8.7e/templates_export.php	2009-06-28 12:07:11.000000000 -0400
++++ cacti-fixed/templates_export.php	2010-04-17 14:08:42.000000000 -0400
+@@ -49,6 +49,10 @@
+ function form_save() {
+ 	global $export_types;
+ 
++    /* ================= input validation ================= */
++    input_validate_input_number(get_request_var_post("export_item_id"));
++    /* ==================================================== */
++
+ 	if (isset($_POST["save_component_export"])) {
+ 		$xml_data = get_item_xml($_POST["export_type"], $_POST["export_item_id"], (((isset($_POST["include_deps"]) ? $_POST["include_deps"] : "") == "") ? false : true));
+ 

From 5bb5c03660a8dca6e6a4f6c4908d0184df59ec01 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Mon, 24 May 2010 14:33:00 +0000
Subject: [PATCH 26/31] upstream released new version

---
 .cvsignore                          |   2 +-
 cacti.spec                          |  18 +--
 cli_add_graph.patch                 |  11 --
 cross_site_fix.patch                | 175 ---------------------
 snmp_invalid_response.patch         |  25 ---
 sources                             |   2 +-
 sql_injection_template_export.patch |  13 --
 template_duplication.patch          | 234 ----------------------------
 8 files changed, 8 insertions(+), 472 deletions(-)
 delete mode 100644 cli_add_graph.patch
 delete mode 100644 cross_site_fix.patch
 delete mode 100644 snmp_invalid_response.patch
 delete mode 100644 sql_injection_template_export.patch
 delete mode 100644 template_duplication.patch

diff --git a/.cvsignore b/.cvsignore
index 3231818..80dd1a5 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-cacti-0.8.7e.tar.gz
+cacti-0.8.7f.tar.gz
diff --git a/cacti.spec b/cacti.spec
index f4efec6..eb3a56b 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
-Version: 0.8.7e
-Release: 4%{?dist}
+Version: 0.8.7f
+Release: 1%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -11,11 +11,6 @@ Source0: http://www.cacti.net/downloads/%{name}-%{version}.tar.gz
 Source1: cacti-httpd.conf
 Source2: cacti.logrotate
 Source3: cacti.README.Fedora
-Patch0: cli_add_graph.patch
-Patch1: snmp_invalid_response.patch
-Patch2: template_duplication.patch
-Patch3: cross_site_fix.patch
-Patch4: sql_injection_template_export.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -35,11 +30,6 @@ used to creating traffic graphs with MRTG.
 
 %prep
 %setup -q
-%patch0 -p1
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
 
 echo "#*/5 * * * *	cacti	%{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
 
@@ -115,6 +105,10 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Mon May 24 2010 Mike McGrath <mmcgrath@redhat.com> - 0.8.7f-1
+- Upstream released new version
+- Contains security updates #595289
+
 * Fri Apr 23 2010 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-4
 - Pulling in patches from upstream
 - SQL injection fix
diff --git a/cli_add_graph.patch b/cli_add_graph.patch
deleted file mode 100644
index b82d21a..0000000
--- a/cli_add_graph.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- ../tags/0.8.7e/cli/add_graphs.php	2009-06-28 12:34:31.000000000 -0400
-+++ 0.8.7/cli/add_graphs.php	2009-08-18 20:04:44.000000000 -0400
-@@ -570,7 +570,7 @@
- 	echo "                    3|Fields = Verify all Fields\n";
- 	echo "List Options:\n";
- 	echo "    --list-hosts\n";
--	echo "    --list-graph-templates [--host_template=[ID]]\n";
-+	echo "    --list-graph-templates [--host-template-id=[ID]]\n";
- 	echo "    --list-input-fields --graph-template-id=[ID]\n";
- 	echo "    --list-snmp-queries\n";
- 	echo "    --list-query-types  --snmp-query-id [ID]\n";
diff --git a/cross_site_fix.patch b/cross_site_fix.patch
deleted file mode 100644
index ddc9e2e..0000000
--- a/cross_site_fix.patch
+++ /dev/null
@@ -1,175 +0,0 @@
---- cacti-0.8.7e/graph.php	2009-06-28 12:07:11.000000000 -0400
-+++ cacti-0.8.7e-patched/graph.php	2009-11-21 23:10:16.000000000 -0500
-@@ -35,6 +35,8 @@
- /* ================= input validation ================= */
- input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+|all)$");
- input_validate_input_number(get_request_var("local_graph_id"));
-+input_validate_input_number(get_request_var("graph_end"));
-+input_validate_input_number(get_request_var("graph_start"));
- input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$");
- /* ==================================================== */
- 
---- cacti-0.8.7e/include/top_graph_header.php	2009-06-28 12:07:11.000000000 -0400
-+++ cacti-0.8.7e-patched/include/top_graph_header.php	2009-11-21 23:15:27.000000000 -0500
-@@ -58,7 +58,7 @@
- 		if ($_SESSION["custom"]) {
- 			print "<meta http-equiv=refresh content='99999'>\r\n";
- 		}else{
--			print "<meta http-equiv=refresh content='" . read_graph_config_option("page_refresh") . "'>\r\n";
-+			print "<meta http-equiv=refresh content='" . htmlspecialchars(read_graph_config_option("page_refresh"),ENT_QUOTES) . "'>\r\n";
- 		}
- 	}
- 	?>
-@@ -113,7 +113,7 @@
- 	</tr>
- 	<tr class="noprint">
- 		<td bgcolor="#efefef" colspan="1" height="8" style="background-image: url(images/shadow_gray.gif); background-repeat: repeat-x; border-right: #aaaaaa 1px solid;">
--			<img src="images/transparent_line.gif" width="<?php print read_graph_config_option("default_dual_pane_width");?>" height="2" border="0"><br>
-+			<img src="images/transparent_line.gif" width="<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>" height="2" border="0"><br>
- 		</td>
- 		<td bgcolor="#ffffff" colspan="1" height="8" style="background-image: url(images/shadow.gif); background-repeat: repeat-x;">
- 
-@@ -144,7 +144,7 @@
- 
- 	<tr>
- 		<?php if ((read_graph_config_option("default_tree_view_mode") == "2") && (($_REQUEST["action"] == "tree") || ((isset($_REQUEST["view_type"]) ? $_REQUEST["view_type"] : "") == "tree"))) { ?>
--		<td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print read_graph_config_option("default_dual_pane_width");?>' class='noprint'>
-+		<td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>' class='noprint'>
- 			<table border=0 cellpadding=0 cellspacing=0><tr><td><font size=-2><a style="font-size:7pt;text-decoration:none;color:silver" href="http://www.treemenu.net/" target=_blank></a></font></td></tr></table>
- 			<?php grow_dhtml_trees(); ?>
- 			<script type="text/javascript">initializeDocument();</script>
---- cacti-0.8.7e/lib/html_form.php	2009-06-28 12:07:11.000000000 -0400
-+++ cacti-0.8.7e-patched/lib/html_form.php	2009-11-21 23:15:40.000000000 -0500
-@@ -235,13 +235,21 @@
- 
- 		if (sizeof($items) > 0) {
- 		foreach ($items as $item) {
--			print $item["name"] . "<br>";
-+			print htmlspecialchars($item["name"],ENT_QUOTES) . "<br>";
- 		}
- 		}
- 
- 		break;
-+	case 'font':
-+		form_font_box($field_name, $field_array["value"],
-+			((isset($field_array["default"])) ? $field_array["default"] : ""),
-+			$field_array["max_length"],
-+			((isset($field_array["size"])) ? $field_array["size"] : "40"), "text",
-+			((isset($field_array["form_id"])) ? $field_array["form_id"] : ""));
-+
-+		break;
- 	default:
--		print "<em>" . $field_array["value"] . "</em>";
-+		print "<em>" . htmlspecialchars($field_array["value"],ENT_QUOTES) . "</em>";
- 
- 		form_hidden_box($field_name, $field_array["value"], "");
- 
-@@ -384,7 +392,7 @@
- 		$form_previous_value = $form_default_value;
- 	}
- 
--	print "<input type='hidden' id='$form_name' name='$form_name' value='$form_previous_value'>\n";
-+	print "<input type='hidden' id='$form_name' name='$form_name' value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>\n";
- }
- 
- /* form_dropdown - draws a standard html dropdown box
-@@ -568,7 +576,7 @@
- 			}
- 		}
- 
--		print ">". $array_display[$id];
-+		print ">". htmlspecialchars($array_display[$id],ENT_QUOTES);
- 		print "</option>\n";
- 	}
- 
-@@ -627,6 +635,65 @@
- 	print "</select>\n";
- }
- 
-+/* form_font_box - draws a standard html textbox and provides status of a fonts existence
-+   @arg $form_name - the name of this form element
-+   @arg $form_previous_value - the current value of this form element
-+   @arg $form_default_value - the value of this form element to use if there is
-+     no current value available
-+   @arg $form_max_length - the maximum number of characters that can be entered
-+     into this textbox
-+   @arg $form_size - the size (width) of the textbox
-+   @arg $type - the type of textbox, either 'text' or 'password'
-+   @arg $current_id - used to determine if a current value for this form element
-+     exists or not. a $current_id of '0' indicates that no current value exists,
-+     a non-zero value indicates that a current value does exist */
-+function form_font_box($form_name, $form_previous_value, $form_default_value, $form_max_length, $form_size = 30, $type = "text", $current_id = 0) {
-+	if (($form_previous_value == "") && (empty($current_id))) {
-+		$form_previous_value = $form_default_value;
-+	}
-+
-+	print "<input type='$type'";
-+
-+	if (isset($_SESSION["sess_error_fields"])) {
-+		if (!empty($_SESSION["sess_error_fields"][$form_name])) {
-+			print "class='txtErrorTextBox'";
-+			unset($_SESSION["sess_error_fields"][$form_name]);
-+		}
-+	}
-+
-+	if (isset($_SESSION["sess_field_values"])) {
-+		if (!empty($_SESSION["sess_field_values"][$form_name])) {
-+			$form_previous_value = $_SESSION["sess_field_values"][$form_name];
-+		}
-+	}
-+
-+	if (strlen($form_previous_value) == 0) { # no data: defaults are used; everythings fine
-+			$extra_data = "";
-+	} else {
-+		if (read_config_option("rrdtool_version") == "rrd-1.3.x") {	# rrdtool 1.3 uses fontconfig
-+			$font = '"' . $form_previous_value . '"';
-+			$out_array = array();
-+			exec('fc-list ' . $font, $out_array);
-+			if (sizeof($out_array) == 0) {
-+				$extra_data = "<span style='color:red'><br>[" . "ERROR: FONT NOT FOUND" . "]</span>";
-+			} else {
-+				$extra_data = "<span style='color:green'><br>[" . "OK: FONT FOUND" . "]</span>";
-+			}
-+		} elseif (read_config_option("rrdtool_version") == "rrd-1.0.x" ||
-+				  read_config_option("rrdtool_version") == "rrd-1.2.x") { # rrdtool 1.0 and 1.2 use font files
-+			if (is_file($form_previous_value)) {
-+				$extra_data = "<span style='color:green'><br>[" . "OK: FILE FOUND" . "]</span>";
-+			}else if (is_dir($form_previous_value)) {
-+				$extra_data = "<span style='color:red'><br>[" . "ERROR: IS DIR" . "]</span>";
-+			}else{
-+				$extra_data = "<span style='color:red'><br>[" . "ERROR: FILE NOT FOUND" . "]</span>";
-+			}
-+		} # will be used for future versions of rrdtool
-+	}
-+
-+	print " id='$form_name' name='$form_name' size='$form_size'" . (!empty($form_max_length) ? " maxlength='$form_max_length'" : "") . " value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>" . $extra_data;
-+}
-+
- /* form_confirm - draws a table presenting the user with some choice and allowing
-      them to either proceed (delete) or cancel
-    @arg $body_text - the text to prompt the user with on this form
---- cacti-0.8.7e/lib/timespan_settings.php	2009-06-28 12:07:11.000000000 -0400
-+++ cacti-0.8.7e-patched/lib/timespan_settings.php	2009-11-21 23:15:49.000000000 -0500
-@@ -125,9 +125,9 @@
- 	if (isset($_POST["date1"])) {
- 		/* the dates have changed, therefore, I am now custom */
- 		if (($_SESSION["sess_current_date1"] != $_POST["date1"]) || ($_SESSION["sess_current_date2"] != $_POST["date2"])) {
--			$timespan["current_value_date1"] = $_POST["date1"];
-+			$timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
- 			$timespan["begin_now"] =strtotime($timespan["current_value_date1"]);
--			$timespan["current_value_date2"] = $_POST["date2"];
-+			$timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
- 			$timespan["end_now"]=strtotime($timespan["current_value_date2"]);
- 			$_SESSION["sess_current_timespan"] = GT_CUSTOM;
- 			$_SESSION["custom"] = 1;
-@@ -135,8 +135,8 @@
- 		}else {
- 			/* the default button wasn't pushed */
- 			if (!isset($_POST["button_clear_x"])) {
--				$timespan["current_value_date1"] = $_POST["date1"];
--				$timespan["current_value_date2"] = $_POST["date2"];
-+				$timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
-+				$timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
- 				$timespan["begin_now"] = $_SESSION["sess_current_timespan_begin_now"];
- 				$timespan["end_now"] = $_SESSION["sess_current_timespan_end_now"];
- 
diff --git a/snmp_invalid_response.patch b/snmp_invalid_response.patch
deleted file mode 100644
index 5b2dd20..0000000
--- a/snmp_invalid_response.patch
+++ /dev/null
@@ -1,25 +0,0 @@
---- ../tags/0.8.7e/include/global_arrays.php	2009-06-28 12:34:31.000000000 -0400
-+++ 0.8.7/include/global_arrays.php	2009-08-18 20:04:44.000000000 -0400
-@@ -174,6 +174,10 @@
- 	"DES" => "DES (default)",
- 	"AES128" => "AES");
- 
-+$banned_snmp_strings = array(
-+	"End of MIB",
-+	"No Such");
-+
- $logfile_options = array(1 =>
- 	"Logfile Only",
- 	"Logfile and Syslog/Eventlog",
---- ../tags/0.8.7e/lib/snmp.php	2009-06-28 12:34:30.000000000 -0400
-+++ 0.8.7/lib/snmp.php	2009-08-18 20:04:44.000000000 -0400
-@@ -27,9 +27,6 @@
- define("SNMP_METHOD_PHP", 1);
- define("SNMP_METHOD_BINARY", 2);
- 
--/* declare once, use many times */
--$banned_snmp_strings = array("End of MIB", "No Such");
--
- /* we must use an apostrophe to escape community names under Unix in case the user uses
- characters that the shell might interpret. the ucd-snmp binaries on Windows flip out when
- you do this, but are perfectly happy with a quotation mark. */
diff --git a/sources b/sources
index c43e0c1..918e8cf 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-7563a58a57d2c6cc0da28cc341a30969  cacti-0.8.7e.tar.gz
+c50a49e3b439dba1fd44ddc34276d4df  cacti-0.8.7f.tar.gz
diff --git a/sql_injection_template_export.patch b/sql_injection_template_export.patch
deleted file mode 100644
index 397990c..0000000
--- a/sql_injection_template_export.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- cacti-0.8.7e/templates_export.php	2009-06-28 12:07:11.000000000 -0400
-+++ cacti-fixed/templates_export.php	2010-04-17 14:08:42.000000000 -0400
-@@ -49,6 +49,10 @@
- function form_save() {
- 	global $export_types;
- 
-+    /* ================= input validation ================= */
-+    input_validate_input_number(get_request_var_post("export_item_id"));
-+    /* ==================================================== */
-+
- 	if (isset($_POST["save_component_export"])) {
- 		$xml_data = get_item_xml($_POST["export_type"], $_POST["export_item_id"], (((isset($_POST["include_deps"]) ? $_POST["include_deps"] : "") == "") ? false : true));
- 
diff --git a/template_duplication.patch b/template_duplication.patch
deleted file mode 100644
index cd6ff4b..0000000
--- a/template_duplication.patch
+++ /dev/null
@@ -1,234 +0,0 @@
-diff -ruBbd 0.8.7e/cli/repair_templates.php 0.8.7/cli/repair_templates.php
---- 0.8.7e/cli/repair_templates.php	2009-08-18 22:03:22.000000000 -0400
-+++ 0.8.7/cli/repair_templates.php	2009-08-20 07:43:54.000000000 -0400
-@@ -0,0 +1,135 @@
-+<?php
-+/*
-+ +-------------------------------------------------------------------------+
-+ | Copyright (C) 2004-2009 The Cacti Group                                 |
-+ |                                                                         |
-+ | This program is free software; you can redistribute it and/or           |
-+ | modify it under the terms of the GNU General Public License             |
-+ | as published by the Free Software Foundation; either version 2          |
-+ | of the License, or (at your option) any later version.                  |
-+ |                                                                         |
-+ | This program is distributed in the hope that it will be useful,         |
-+ | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
-+ | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
-+ | GNU General Public License for more details.                            |
-+ +-------------------------------------------------------------------------+
-+ | Cacti: The Complete RRDTool-based Graphing Solution                     |
-+ +-------------------------------------------------------------------------+
-+ | This code is designed, written, and maintained by the Cacti Group. See  |
-+ | about.php and/or the AUTHORS file for specific developer information.   |
-+ +-------------------------------------------------------------------------+
-+ | http://www.cacti.net/                                                   |
-+ +-------------------------------------------------------------------------+
-+*/
-+
-+/* do NOT run this script through a web browser */
-+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
-+	die("<br><strong>This script is only meant to run at the command line.</strong>");
-+}
-+
-+$no_http_headers = true;
-+
-+include(dirname(__FILE__) . "/../include/global.php");
-+include_once("../lib/utility.php");
-+include_once("../lib/template.php");
-+
-+/* process calling arguments */
-+$parms = $_SERVER["argv"];
-+array_shift($parms);
-+
-+$execute = FALSE;
-+
-+foreach($parms as $parameter) {
-+	@list($arg, $value) = @explode("=", $parameter);
-+
-+	switch ($arg) {
-+	case "--execute":
-+		$execute = TRUE;
-+		break;
-+	case "-h":
-+	case "-v":
-+	case "-V":
-+	case "--version":
-+	case "--help":
-+		display_help();
-+		exit;
-+	default:
-+		print "ERROR: Invalid Parameter " . $parameter . "\n\n";
-+		display_help();
-+		exit;
-+	}
-+}
-+
-+if ($execute) {
-+	echo "NOTE: Repairing All Duplicated Templates\n";
-+} else {
-+	echo "NOTE: Performing Check of Templates\n";
-+}
-+
-+/* repair data templates first */
-+if ($execute) {
-+	echo "NOTE: Repairing Data Templates\n";
-+} else {
-+	echo "NOTE: Performing Check of Data Templates\n";
-+}
-+
-+$damaged_template_ids = db_fetch_assoc("SELECT DISTINCT data_template_id FROM data_template_rrd WHERE hash='' AND local_data_id=0");
-+if (sizeof($damaged_template_ids)) {
-+	foreach($damaged_template_ids as $id) {
		$template_name = db_fetch_cell("SELECT name FROM data_template WHERE id=" . $id["data_template_id"]);
-+		echo "NOTE: Data Template '$template_name' is Damaged and can be repaired\n";
-+	}
-+
-+	$damaged_templates = db_fetch_assoc("SELECT * FROM data_template_rrd WHERE hash='' AND local_data_id=0");
-+	if (sizeof($damaged_templates)) {
-+		echo "NOTE: -- Damaged Data Templates Objects Found is '" . sizeof($damaged_templates) . "'\n";
-+		if ($execute) {
-+			foreach($damaged_templates as $template) {
-+				$hash = get_hash_data_template($template["local_data_template_rrd_id"], "data_template_item");
-+				db_execute("UPDATE data_template_rrd SET hash='$hash' WHERE id=" . $template["id"]);
-+			}
-+		}
-+	}
-+} else {
-+	echo "NOTE: No Damaged Data Templates Found\n";
-+}
-+
-+/* reset the array */
-+$damaged_templates = array();
-+
-+/* repair graph templates */
-+if ($execute) {
-+	echo "NOTE: Repairing Graph Templates\n";
-+} else {
-+	echo "NOTE: Performing Check of Graph Templates\n";
-+}
-+
-+$damaged_template_ids = db_fetch_assoc("SELECT DISTINCT graph_template_id FROM graph_template_input WHERE hash=''");
-+if (sizeof($damaged_template_ids)) {
-+	foreach($damaged_template_ids as $id) {
-+		$template_name = db_fetch_cell("SELECT name FROM graph_templates WHERE id=" . $id["graph_template_id"]);
-+		echo "NOTE: Graph Template '$template_name' is Damaged and can be repaired\n";
-+	}
-+
-+	$damaged_templates = db_fetch_assoc("SELECT * FROM graph_template_input WHERE hash=''");
-+	if (sizeof($damaged_templates)) {
-+		echo "NOTE: -- Damaged Graph Templates Objects Found is '" . sizeof($damaged_templates) . "'\n";
-+		if ($execute) {
-+			foreach($damaged_templates as $template) {
-+				$hash = get_hash_graph_template(0, "graph_template_input");
-+				db_execute("UPDATE graph_template_input SET hash='$hash' WHERE id=" . $template["id"]);
-+			}
-+		}
-+	}
-+} else {
-+	echo "NOTE: No Damaged Graph Templates Found\n";
-+}
-+
-+
-+/* display_help - displays the usage of the function */
-+function display_help () {
-+	print "Cacti Database Template Repair Tool v1.0, Copyright 2004-2009 - The Cacti Group\n\n";
-+	print "usage: repair_templates.php --execute [--help]\n\n";
-+	print "--execute        - Perform the repair\n";
-+	print "--help           - display this help message\n";
-+}
-+?>
-diff -ruBbd 0.8.7e/docs/README 0.8.7/docs/README
---- 0.8.7e/docs/README	2009-08-18 21:57:30.000000000 -0400
-+++ 0.8.7/docs/README	2009-08-18 21:58:09.000000000 -0400
-@@ -90,6 +90,9 @@
-                             table
-   poller_reindex_hosts.php - Cause data query reindex on hosts
-   rebuild_poller_cache.php - Rebuilds the poller cache
-+  repair_templates.php     - Certain templates, when created using the "duplicate"
-+      function in Cacti, do not import/export well.  This utility repairs 
-+      those templates.
- 
- 
- 
-diff -ruBbd 0.8.7e/lib/export.php 0.8.7/lib/export.php
---- 0.8.7e/lib/export.php	2009-08-18 21:56:47.000000000 -0400
-+++ 0.8.7/lib/export.php	2009-08-18 21:57:50.000000000 -0400
-@@ -811,7 +811,9 @@
- }
- 
- function xml_character_encode($text) {
--
-+	if (function_exists("htmlspecialchars")) {
-+		return htmlspecialchars($text, ENT_QUOTES, "UTF-8");
-+	} else {
- 	$text = str_replace("&", "&amp;", $text);
- 	$text = str_replace(">", "&gt;", $text);
- 	$text = str_replace("<", "&lt;", $text);
-@@ -819,6 +821,7 @@
- 	$text = str_replace("\'", "&apos;", $text);
- 
- 	return $text;
-+	}
- }
- 
- ?>
-diff -ruBbd 0.8.7e/lib/import.php 0.8.7/lib/import.php
---- 0.8.7e/lib/import.php	2009-08-18 21:56:59.000000000 -0400
-+++ 0.8.7/lib/import.php	2009-08-18 21:57:55.000000000 -0400
-@@ -36,10 +36,6 @@
- 		return $info_array;
- 	}
- 
--	if (isset($xml_array["name"])) {
--		$xml_array["name"] = htmlspecialchars($xml_array["name"]);
--	}
--
- 	while (list($hash, $hash_array) = each($xml_array)) {
- 		/* parse information from the hash */
- 		$parsed_hash = parse_xml_hash($hash);
-@@ -115,7 +111,7 @@
- 	$_graph_template_id = db_fetch_cell("select id from graph_templates where hash='$hash'");
- 	$save["id"] = (empty($_graph_template_id) ? "0" : $_graph_template_id);
- 	$save["hash"] = $hash;
--	$save["name"] = htmlspecialchars($xml_array["name"]);
-+	$save["name"] = $xml_array["name"];
- 	$graph_template_id = sql_save($save, "graph_templates");
- 
- 	$hash_cache["graph_template"][$hash] = $graph_template_id;
-@@ -914,9 +910,13 @@
- }
- 
- function xml_character_decode($text) {
-+	if (function_exists("html_entity_decode")) {
-+		return html_entity_decode($text, ENT_QUOTES, "UTF-8");
-+	} else {
- 	$trans_tbl = get_html_translation_table(HTML_ENTITIES);
- 	$trans_tbl = array_flip($trans_tbl);
- 	return strtr($text, $trans_tbl);
-+	}
- }
- 
- ?>
-diff -ruBbd 0.8.7e/lib/utility.php 0.8.7/lib/utility.php
---- 0.8.7e/lib/utility.php	2009-08-18 21:57:08.000000000 -0400
-+++ 0.8.7/lib/utility.php	2009-08-18 21:58:00.000000000 -0400
-@@ -346,6 +346,7 @@
- 			$save["name"] = $graph_template_input["name"];
- 			$save["description"] = $graph_template_input["description"];
- 			$save["column_name"] = $graph_template_input["column_name"];
-+			$save["hash"]              = get_hash_graph_template(0, "graph_template_input");
- 
- 			$graph_template_input_id = sql_save($save, "graph_template_input");
- 
-@@ -436,6 +437,11 @@
- 		$save["local_data_id"] = (isset($local_data_id) ? $local_data_id : 0);
- 		$save["local_data_template_rrd_id"] = (isset($data_template_rrd["local_data_template_rrd_id"]) ? $data_template_rrd["local_data_template_rrd_id"] : 0);
- 		$save["data_template_id"] = (!empty($_local_data_id) ? $data_template_rrd["data_template_id"] : $data_template_id);
-+		if ($save["local_data_id"] == 0) {
-+			$save["hash"]                   = get_hash_data_template($data_template_rrd["local_data_template_rrd_id"], "data_template_item");
-+		} else {
-+			$save["hash"] = '';
-+		}
- 
- 		while (list($field, $array) = each($struct_data_source_item)) {
- 			$save{$field} = $data_template_rrd{$field};

From c7b26ec5991aead26fd9758e8768f2057d1ff3e0 Mon Sep 17 00:00:00 2001
From: Mike McGrath <mmcgrath@fedoraproject.org>
Date: Mon, 12 Jul 2010 15:12:37 +0000
Subject: [PATCH 27/31] Upstream released new version

---
 .cvsignore | 2 +-
 cacti.spec | 5 ++++-
 sources    | 2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/.cvsignore b/.cvsignore
index 80dd1a5..c274c8f 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-cacti-0.8.7f.tar.gz
+cacti-0.8.7g.tar.gz
diff --git a/cacti.spec b/cacti.spec
index eb3a56b..30f1951 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,5 +1,5 @@
 Name: cacti
-Version: 0.8.7f
+Version: 0.8.7g
 Release: 1%{?dist}
 Summary: An rrd based graphing tool
 
@@ -105,6 +105,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Mon Jul 12 2010 Mike McGrath <mmcgrath@redhat.com> 0.8.7g-1
+- Upstream released new version
+
 * Mon May 24 2010 Mike McGrath <mmcgrath@redhat.com> - 0.8.7f-1
 - Upstream released new version
 - Contains security updates #595289
diff --git a/sources b/sources
index 918e8cf..a5cc6f8 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-c50a49e3b439dba1fd44ddc34276d4df  cacti-0.8.7f.tar.gz
+268421cb1a58d3444f7ecbddb4c4b016  cacti-0.8.7g.tar.gz

From dd986b676819c8dfff25ca747c4a0df633c9ac44 Mon Sep 17 00:00:00 2001
From: Fedora Release Engineering <rel-eng@lists.fedoraproject.org>
Date: Wed, 28 Jul 2010 11:25:17 +0000
Subject: [PATCH 28/31] dist-git conversion

---
 .cvsignore => .gitignore |  0
 Makefile                 | 21 ---------------------
 2 files changed, 21 deletions(-)
 rename .cvsignore => .gitignore (100%)
 delete mode 100644 Makefile

diff --git a/.cvsignore b/.gitignore
similarity index 100%
rename from .cvsignore
rename to .gitignore
diff --git a/Makefile b/Makefile
deleted file mode 100644
index e8315b1..0000000
--- a/Makefile
+++ /dev/null
@@ -1,21 +0,0 @@
-# Makefile for source rpm: cacti
-# $Id$
-NAME := cacti
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attept a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

From b91eebdb1f4429a8c9889782fc018f7fd20e9dab Mon Sep 17 00:00:00 2001
From: Dennis Gilmore <dennis@ausil.us>
Date: Tue, 8 Feb 2011 00:18:33 -0600
Subject: [PATCH 29/31] - Rebuilt for
 https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

---
 cacti.spec | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cacti.spec b/cacti.spec
index 30f1951..b68ee0e 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7g
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -105,6 +105,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7g-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
 * Mon Jul 12 2010 Mike McGrath <mmcgrath@redhat.com> 0.8.7g-1
 - Upstream released new version
 

From 95142bf2bb8e7384a8b64011c48f2034ce1b4a9f Mon Sep 17 00:00:00 2001
From: Jon Ciesla <limb@jcomserv.net>
Date: Mon, 8 Aug 2011 11:41:48 -0500
Subject: [PATCH 30/31] MySQL 5.5 fix.

---
 cacti-0.8.7g-mysql55-type.patch | 434 ++++++++++++++++++++++++++++++++
 cacti.spec                      |   8 +-
 2 files changed, 441 insertions(+), 1 deletion(-)
 create mode 100644 cacti-0.8.7g-mysql55-type.patch

diff --git a/cacti-0.8.7g-mysql55-type.patch b/cacti-0.8.7g-mysql55-type.patch
new file mode 100644
index 0000000..a072820
--- /dev/null
+++ b/cacti-0.8.7g-mysql55-type.patch
@@ -0,0 +1,434 @@
+--- cacti.sql.orig	2011-08-05 11:47:34.989751169 +0200
++++ cacti.sql	2011-08-05 11:48:09.725480526 +0200
+@@ -7,7 +7,7 @@
+   hash varchar(32) NOT NULL default '',
+   name varchar(255) NOT NULL default '',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `cdef`
+@@ -33,7 +33,7 @@
+   value varchar(150) NOT NULL default '',
+   PRIMARY KEY  (id),
+   KEY cdef_id (cdef_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `cdef_items`
+@@ -64,7 +64,7 @@
+   id mediumint(8) unsigned NOT NULL auto_increment,
+   hex varchar(6) NOT NULL default '',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `colors`
+@@ -184,7 +184,7 @@
+   type_id tinyint(2) NOT NULL default '0',
+   PRIMARY KEY (id),
+   KEY name (name)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `data_input`
+@@ -214,7 +214,7 @@
+   value text,
+   PRIMARY KEY (data_input_field_id,data_template_data_id),
+   KEY t_value (t_value)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `data_input_data`
+@@ -418,7 +418,7 @@
+   PRIMARY KEY  (id),
+   KEY data_input_id (data_input_id),
+   KEY type_code (type_code)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `data_input_fields`
+@@ -482,7 +482,7 @@
+   snmp_query_id mediumint(8) NOT NULL default '0',
+   snmp_index varchar(255) NOT NULL default '',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `data_local`
+@@ -503,7 +503,7 @@
+   hash varchar(32) NOT NULL default '',
+   name varchar(150) NOT NULL default '',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `data_template`
+@@ -573,7 +573,7 @@
+   PRIMARY KEY  (id),
+   KEY local_data_id (local_data_id),
+   KEY data_template_id (data_template_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `data_template_data`
+@@ -635,7 +635,7 @@
+   rra_id mediumint(8) unsigned NOT NULL default '0',
+   PRIMARY KEY  (data_template_data_id,rra_id),
+   KEY data_template_data_id (data_template_data_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `data_template_data_rra`
+@@ -852,7 +852,7 @@
+   KEY local_data_id (local_data_id),
+   KEY data_template_id (data_template_id),
+   KEY local_data_template_rrd_id (local_data_template_rrd_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `data_template_rrd`
+@@ -936,7 +936,7 @@
+   KEY graph_template_id (graph_template_id),
+   KEY snmp_query_id (snmp_query_id),
+   KEY snmp_index (snmp_index)
+-) TYPE=MyISAM COMMENT='Creates a relationship for each item in a custom graph.';
++) ENGINE=MyISAM COMMENT='Creates a relationship for each item in a custom graph.';
+ 
+ --
+ -- Dumping data for table `graph_local`
+@@ -959,7 +959,7 @@
+   description text,
+   column_name varchar(50) NOT NULL default '',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM COMMENT='Stores the names for graph item input groups.';
++) ENGINE=MyISAM COMMENT='Stores the names for graph item input groups.';
+ 
+ --
+ -- Dumping data for table `graph_template_input`
+@@ -1052,7 +1052,7 @@
+   graph_template_item_id int(12) unsigned NOT NULL default '0',
+   PRIMARY KEY  (graph_template_input_id,graph_template_item_id),
+   KEY graph_template_input_id (graph_template_input_id)
+-) TYPE=MyISAM COMMENT='Stores the relationship for what graph iitems are associated';
++) ENGINE=MyISAM COMMENT='Stores the relationship for what graph iitems are associated';
+ 
+ --
+ -- Dumping data for table `graph_template_input_defs`
+@@ -1326,7 +1326,7 @@
+   name char(255) NOT NULL default '',
+   PRIMARY KEY  (id),
+   KEY name (name)
+-) TYPE=MyISAM COMMENT='Contains each graph template name.';
++) ENGINE=MyISAM COMMENT='Contains each graph template name.';
+ 
+ --
+ -- Dumping data for table `graph_templates`
+@@ -1376,7 +1376,7 @@
+   name varchar(100) NOT NULL default '',
+   gprint_text varchar(255) default NULL,
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `graph_templates_gprint`
+@@ -1438,7 +1438,7 @@
+   KEY local_graph_id (local_graph_id),
+   KEY graph_template_id (graph_template_id),
+   KEY title_cache (title_cache)
+-) TYPE=MyISAM COMMENT='Stores the actual graph data.';
++) ENGINE=MyISAM COMMENT='Stores the actual graph data.';
+ 
+ --
+ -- Dumping data for table `graph_templates_graph`
+@@ -1507,7 +1507,7 @@
+   KEY graph_template_id (graph_template_id),
+   KEY local_graph_id (local_graph_id),
+   KEY task_item_id (task_item_id)
+-) TYPE=MyISAM COMMENT='Stores the actual graph item data.';
++) ENGINE=MyISAM COMMENT='Stores the actual graph item data.';
+ 
+ --
+ -- Dumping data for table `graph_templates_item`
+@@ -1803,7 +1803,7 @@
+   sort_type tinyint(3) unsigned NOT NULL default '1',
+   name varchar(255) NOT NULL default '',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `graph_tree`
+@@ -1830,7 +1830,7 @@
+   KEY host_id (host_id),
+   KEY local_graph_id (local_graph_id),
+   KEY order_key (order_key)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `graph_tree_items`
+@@ -1879,7 +1879,7 @@
+   availability decimal(8,5) NOT NULL default '100.00000',
+   PRIMARY KEY  (id),
+   KEY disabled (disabled)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `host`
+@@ -1895,7 +1895,7 @@
+   host_id mediumint(8) unsigned NOT NULL default '0',
+   graph_template_id mediumint(8) unsigned NOT NULL default '0',
+   PRIMARY KEY  (host_id,graph_template_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `host_graph`
+@@ -1923,7 +1923,7 @@
+   KEY field_name (field_name),
+   KEY field_value (field_value),
+   KEY snmp_query_id (snmp_query_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `host_snmp_cache`
+@@ -1942,7 +1942,7 @@
+   reindex_method tinyint(3) unsigned NOT NULL default '0',
+   PRIMARY KEY  (host_id,snmp_query_id),
+   KEY host_id (host_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `host_snmp_query`
+@@ -1959,7 +1959,7 @@
+   hash varchar(32) NOT NULL default '',
+   name varchar(100) NOT NULL default '',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `host_template`
+@@ -1982,7 +1982,7 @@
+   graph_template_id mediumint(8) unsigned NOT NULL default '0',
+   PRIMARY KEY  (host_template_id,graph_template_id),
+   KEY host_template_id (host_template_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `host_template_graph`
+@@ -2012,7 +2012,7 @@
+   snmp_query_id mediumint(8) unsigned NOT NULL default '0',
+   PRIMARY KEY  (host_template_id,snmp_query_id),
+   KEY host_template_id (host_template_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `host_template_snmp_query`
+@@ -2042,7 +2042,7 @@
+   ip_address int(11) unsigned NOT NULL default '0',
+   last_update datetime NOT NULL default '0000-00-00 00:00:00',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `poller`
+@@ -2059,7 +2059,7 @@
+   action tinyint(3) unsigned NOT NULL default '0',
+   command varchar(200) NOT NULL default '',
+   PRIMARY KEY  (poller_id,action,command)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `poller_command`
+@@ -2099,7 +2099,7 @@
+   KEY host_id (host_id),
+   KEY rrd_next_step (rrd_next_step),
+   KEY action (action)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `poller_item`
+@@ -2116,7 +2116,7 @@
+   time datetime NOT NULL default '0000-00-00 00:00:00',
+   output text NOT NULL,
+   PRIMARY KEY  (local_data_id,rrd_name,time)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `poller_output`
+@@ -2135,7 +2135,7 @@
+   assert_value varchar(100) NOT NULL default '',
+   arg1 varchar(255) NOT NULL default '',
+   PRIMARY KEY  (host_id,data_query_id,arg1)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `poller_reindex`
+@@ -2153,7 +2153,7 @@
+   start_time datetime NOT NULL default '0000-00-00 00:00:00',
+   end_time datetime NOT NULL default '0000-00-00 00:00:00',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `poller_time`
+@@ -2173,7 +2173,7 @@
+   rows int(12) NOT NULL default '600',
+   timespan int(12) unsigned NOT NULL default '0',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `rra`
+@@ -2194,7 +2194,7 @@
+   consolidation_function_id smallint(5) unsigned NOT NULL default '0',
+   PRIMARY KEY  (rra_id,consolidation_function_id),
+   KEY rra_id (rra_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `rra_cf`
+@@ -2219,7 +2219,7 @@
+   name varchar(50) NOT NULL default '',
+   value varchar(255) NOT NULL default '',
+   PRIMARY KEY  (name)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `settings`
+@@ -2235,7 +2235,7 @@
+   name varchar(50) NOT NULL default '',
+   value varchar(255) NOT NULL default '',
+   PRIMARY KEY  (user_id,name)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `settings_graphs`
+@@ -2251,7 +2251,7 @@
+   graph_tree_item_id mediumint(8) unsigned NOT NULL default '0',
+   status tinyint(1) NOT NULL default '0',
+   PRIMARY KEY  (user_id,graph_tree_item_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `settings_tree`
+@@ -2272,7 +2272,7 @@
+   data_input_id mediumint(8) unsigned NOT NULL default '0',
+   PRIMARY KEY  (id),
+   KEY name (name)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `snmp_query`
+@@ -2298,7 +2298,7 @@
+   name varchar(100) NOT NULL default '',
+   graph_template_id mediumint(8) unsigned NOT NULL default '0',
+   PRIMARY KEY  (id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `snmp_query_graph`
+@@ -2336,7 +2336,7 @@
+   PRIMARY KEY  (snmp_query_graph_id,data_template_id,data_template_rrd_id),
+   KEY data_template_rrd_id (data_template_rrd_id),
+   KEY snmp_query_graph_id (snmp_query_graph_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `snmp_query_graph_rrd`
+@@ -2397,7 +2397,7 @@
+   PRIMARY KEY  (id),
+   KEY snmp_query_graph_id (snmp_query_graph_id),
+   KEY data_template_id (data_template_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `snmp_query_graph_rrd_sv`
+@@ -2476,7 +2476,7 @@
+   text varchar(255) NOT NULL default '',
+   PRIMARY KEY  (id),
+   KEY snmp_query_graph_id (snmp_query_graph_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `snmp_query_graph_sv`
+@@ -2548,7 +2548,7 @@
+   KEY username (username),
+   KEY realm (realm),
+   KEY enabled (enabled)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `user_auth`
+@@ -2567,7 +2567,7 @@
+   type tinyint(2) unsigned NOT NULL default '0',
+   PRIMARY KEY  (user_id,item_id,type),
+   KEY user_id (user_id,type)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `user_auth_perms`
+@@ -2583,7 +2583,7 @@
+   user_id mediumint(8) unsigned NOT NULL default '0',
+   PRIMARY KEY  (realm_id,user_id),
+   KEY user_id (user_id)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `user_auth_realm`
+@@ -2619,7 +2619,7 @@
+   ip varchar(40) NOT NULL default '',
+   PRIMARY KEY  (username,user_id,time),
+   KEY username (username)
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `user_log`
+@@ -2632,7 +2632,7 @@
+ 
+ CREATE TABLE version (
+   cacti char(20) default NULL
+-) TYPE=MyISAM;
++) ENGINE=MyISAM;
+ 
+ --
+ -- Dumping data for table `version`
diff --git a/cacti.spec b/cacti.spec
index b68ee0e..2700368 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
 Version: 0.8.7g
-Release: 2%{?dist}
+Release: 3%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -11,6 +11,7 @@ Source0: http://www.cacti.net/downloads/%{name}-%{version}.tar.gz
 Source1: cacti-httpd.conf
 Source2: cacti.logrotate
 Source3: cacti.README.Fedora
+Patch0:  cacti-0.8.7g-mysql55-type.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -31,6 +32,8 @@ used to creating traffic graphs with MRTG.
 %prep
 %setup -q
 
+%patch0 -p0
+
 echo "#*/5 * * * *	cacti	%{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
 
 %install
@@ -105,6 +108,9 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Mon Aug 08 2011 Jon Ciesla <limb@jcomserv.net> - 0.8.7g-3
+- Patch for MySQL 5.5, BZ 728513.
+
 * Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.7g-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
 

From 355ddffde4c2a3a0314d7806a01f0bd0d54971cf Mon Sep 17 00:00:00 2001
From: Ken Dreyer <ktdreyer@ktdreyer.com>
Date: Thu, 27 Oct 2011 12:17:56 -0600
Subject: [PATCH 31/31] update to 0.8.7h

---
 .gitignore                      |   1 +
 cacti-0.8.7g-mysql55-type.patch | 434 --------------------------------
 cacti.spec                      |  11 +-
 sources                         |   2 +-
 4 files changed, 8 insertions(+), 440 deletions(-)
 delete mode 100644 cacti-0.8.7g-mysql55-type.patch

diff --git a/.gitignore b/.gitignore
index c274c8f..8a26c73 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 cacti-0.8.7g.tar.gz
+/cacti-0.8.7h.tar.gz
diff --git a/cacti-0.8.7g-mysql55-type.patch b/cacti-0.8.7g-mysql55-type.patch
deleted file mode 100644
index a072820..0000000
--- a/cacti-0.8.7g-mysql55-type.patch
+++ /dev/null
@@ -1,434 +0,0 @@
---- cacti.sql.orig	2011-08-05 11:47:34.989751169 +0200
-+++ cacti.sql	2011-08-05 11:48:09.725480526 +0200
-@@ -7,7 +7,7 @@
-   hash varchar(32) NOT NULL default '',
-   name varchar(255) NOT NULL default '',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `cdef`
-@@ -33,7 +33,7 @@
-   value varchar(150) NOT NULL default '',
-   PRIMARY KEY  (id),
-   KEY cdef_id (cdef_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `cdef_items`
-@@ -64,7 +64,7 @@
-   id mediumint(8) unsigned NOT NULL auto_increment,
-   hex varchar(6) NOT NULL default '',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `colors`
-@@ -184,7 +184,7 @@
-   type_id tinyint(2) NOT NULL default '0',
-   PRIMARY KEY (id),
-   KEY name (name)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `data_input`
-@@ -214,7 +214,7 @@
-   value text,
-   PRIMARY KEY (data_input_field_id,data_template_data_id),
-   KEY t_value (t_value)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `data_input_data`
-@@ -418,7 +418,7 @@
-   PRIMARY KEY  (id),
-   KEY data_input_id (data_input_id),
-   KEY type_code (type_code)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `data_input_fields`
-@@ -482,7 +482,7 @@
-   snmp_query_id mediumint(8) NOT NULL default '0',
-   snmp_index varchar(255) NOT NULL default '',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `data_local`
-@@ -503,7 +503,7 @@
-   hash varchar(32) NOT NULL default '',
-   name varchar(150) NOT NULL default '',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `data_template`
-@@ -573,7 +573,7 @@
-   PRIMARY KEY  (id),
-   KEY local_data_id (local_data_id),
-   KEY data_template_id (data_template_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `data_template_data`
-@@ -635,7 +635,7 @@
-   rra_id mediumint(8) unsigned NOT NULL default '0',
-   PRIMARY KEY  (data_template_data_id,rra_id),
-   KEY data_template_data_id (data_template_data_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `data_template_data_rra`
-@@ -852,7 +852,7 @@
-   KEY local_data_id (local_data_id),
-   KEY data_template_id (data_template_id),
-   KEY local_data_template_rrd_id (local_data_template_rrd_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `data_template_rrd`
-@@ -936,7 +936,7 @@
-   KEY graph_template_id (graph_template_id),
-   KEY snmp_query_id (snmp_query_id),
-   KEY snmp_index (snmp_index)
--) TYPE=MyISAM COMMENT='Creates a relationship for each item in a custom graph.';
-+) ENGINE=MyISAM COMMENT='Creates a relationship for each item in a custom graph.';
- 
- --
- -- Dumping data for table `graph_local`
-@@ -959,7 +959,7 @@
-   description text,
-   column_name varchar(50) NOT NULL default '',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM COMMENT='Stores the names for graph item input groups.';
-+) ENGINE=MyISAM COMMENT='Stores the names for graph item input groups.';
- 
- --
- -- Dumping data for table `graph_template_input`
-@@ -1052,7 +1052,7 @@
-   graph_template_item_id int(12) unsigned NOT NULL default '0',
-   PRIMARY KEY  (graph_template_input_id,graph_template_item_id),
-   KEY graph_template_input_id (graph_template_input_id)
--) TYPE=MyISAM COMMENT='Stores the relationship for what graph iitems are associated';
-+) ENGINE=MyISAM COMMENT='Stores the relationship for what graph iitems are associated';
- 
- --
- -- Dumping data for table `graph_template_input_defs`
-@@ -1326,7 +1326,7 @@
-   name char(255) NOT NULL default '',
-   PRIMARY KEY  (id),
-   KEY name (name)
--) TYPE=MyISAM COMMENT='Contains each graph template name.';
-+) ENGINE=MyISAM COMMENT='Contains each graph template name.';
- 
- --
- -- Dumping data for table `graph_templates`
-@@ -1376,7 +1376,7 @@
-   name varchar(100) NOT NULL default '',
-   gprint_text varchar(255) default NULL,
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `graph_templates_gprint`
-@@ -1438,7 +1438,7 @@
-   KEY local_graph_id (local_graph_id),
-   KEY graph_template_id (graph_template_id),
-   KEY title_cache (title_cache)
--) TYPE=MyISAM COMMENT='Stores the actual graph data.';
-+) ENGINE=MyISAM COMMENT='Stores the actual graph data.';
- 
- --
- -- Dumping data for table `graph_templates_graph`
-@@ -1507,7 +1507,7 @@
-   KEY graph_template_id (graph_template_id),
-   KEY local_graph_id (local_graph_id),
-   KEY task_item_id (task_item_id)
--) TYPE=MyISAM COMMENT='Stores the actual graph item data.';
-+) ENGINE=MyISAM COMMENT='Stores the actual graph item data.';
- 
- --
- -- Dumping data for table `graph_templates_item`
-@@ -1803,7 +1803,7 @@
-   sort_type tinyint(3) unsigned NOT NULL default '1',
-   name varchar(255) NOT NULL default '',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `graph_tree`
-@@ -1830,7 +1830,7 @@
-   KEY host_id (host_id),
-   KEY local_graph_id (local_graph_id),
-   KEY order_key (order_key)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `graph_tree_items`
-@@ -1879,7 +1879,7 @@
-   availability decimal(8,5) NOT NULL default '100.00000',
-   PRIMARY KEY  (id),
-   KEY disabled (disabled)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `host`
-@@ -1895,7 +1895,7 @@
-   host_id mediumint(8) unsigned NOT NULL default '0',
-   graph_template_id mediumint(8) unsigned NOT NULL default '0',
-   PRIMARY KEY  (host_id,graph_template_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `host_graph`
-@@ -1923,7 +1923,7 @@
-   KEY field_name (field_name),
-   KEY field_value (field_value),
-   KEY snmp_query_id (snmp_query_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `host_snmp_cache`
-@@ -1942,7 +1942,7 @@
-   reindex_method tinyint(3) unsigned NOT NULL default '0',
-   PRIMARY KEY  (host_id,snmp_query_id),
-   KEY host_id (host_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `host_snmp_query`
-@@ -1959,7 +1959,7 @@
-   hash varchar(32) NOT NULL default '',
-   name varchar(100) NOT NULL default '',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `host_template`
-@@ -1982,7 +1982,7 @@
-   graph_template_id mediumint(8) unsigned NOT NULL default '0',
-   PRIMARY KEY  (host_template_id,graph_template_id),
-   KEY host_template_id (host_template_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `host_template_graph`
-@@ -2012,7 +2012,7 @@
-   snmp_query_id mediumint(8) unsigned NOT NULL default '0',
-   PRIMARY KEY  (host_template_id,snmp_query_id),
-   KEY host_template_id (host_template_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `host_template_snmp_query`
-@@ -2042,7 +2042,7 @@
-   ip_address int(11) unsigned NOT NULL default '0',
-   last_update datetime NOT NULL default '0000-00-00 00:00:00',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `poller`
-@@ -2059,7 +2059,7 @@
-   action tinyint(3) unsigned NOT NULL default '0',
-   command varchar(200) NOT NULL default '',
-   PRIMARY KEY  (poller_id,action,command)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `poller_command`
-@@ -2099,7 +2099,7 @@
-   KEY host_id (host_id),
-   KEY rrd_next_step (rrd_next_step),
-   KEY action (action)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `poller_item`
-@@ -2116,7 +2116,7 @@
-   time datetime NOT NULL default '0000-00-00 00:00:00',
-   output text NOT NULL,
-   PRIMARY KEY  (local_data_id,rrd_name,time)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `poller_output`
-@@ -2135,7 +2135,7 @@
-   assert_value varchar(100) NOT NULL default '',
-   arg1 varchar(255) NOT NULL default '',
-   PRIMARY KEY  (host_id,data_query_id,arg1)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `poller_reindex`
-@@ -2153,7 +2153,7 @@
-   start_time datetime NOT NULL default '0000-00-00 00:00:00',
-   end_time datetime NOT NULL default '0000-00-00 00:00:00',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `poller_time`
-@@ -2173,7 +2173,7 @@
-   rows int(12) NOT NULL default '600',
-   timespan int(12) unsigned NOT NULL default '0',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `rra`
-@@ -2194,7 +2194,7 @@
-   consolidation_function_id smallint(5) unsigned NOT NULL default '0',
-   PRIMARY KEY  (rra_id,consolidation_function_id),
-   KEY rra_id (rra_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `rra_cf`
-@@ -2219,7 +2219,7 @@
-   name varchar(50) NOT NULL default '',
-   value varchar(255) NOT NULL default '',
-   PRIMARY KEY  (name)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `settings`
-@@ -2235,7 +2235,7 @@
-   name varchar(50) NOT NULL default '',
-   value varchar(255) NOT NULL default '',
-   PRIMARY KEY  (user_id,name)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `settings_graphs`
-@@ -2251,7 +2251,7 @@
-   graph_tree_item_id mediumint(8) unsigned NOT NULL default '0',
-   status tinyint(1) NOT NULL default '0',
-   PRIMARY KEY  (user_id,graph_tree_item_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `settings_tree`
-@@ -2272,7 +2272,7 @@
-   data_input_id mediumint(8) unsigned NOT NULL default '0',
-   PRIMARY KEY  (id),
-   KEY name (name)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `snmp_query`
-@@ -2298,7 +2298,7 @@
-   name varchar(100) NOT NULL default '',
-   graph_template_id mediumint(8) unsigned NOT NULL default '0',
-   PRIMARY KEY  (id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `snmp_query_graph`
-@@ -2336,7 +2336,7 @@
-   PRIMARY KEY  (snmp_query_graph_id,data_template_id,data_template_rrd_id),
-   KEY data_template_rrd_id (data_template_rrd_id),
-   KEY snmp_query_graph_id (snmp_query_graph_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `snmp_query_graph_rrd`
-@@ -2397,7 +2397,7 @@
-   PRIMARY KEY  (id),
-   KEY snmp_query_graph_id (snmp_query_graph_id),
-   KEY data_template_id (data_template_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `snmp_query_graph_rrd_sv`
-@@ -2476,7 +2476,7 @@
-   text varchar(255) NOT NULL default '',
-   PRIMARY KEY  (id),
-   KEY snmp_query_graph_id (snmp_query_graph_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `snmp_query_graph_sv`
-@@ -2548,7 +2548,7 @@
-   KEY username (username),
-   KEY realm (realm),
-   KEY enabled (enabled)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `user_auth`
-@@ -2567,7 +2567,7 @@
-   type tinyint(2) unsigned NOT NULL default '0',
-   PRIMARY KEY  (user_id,item_id,type),
-   KEY user_id (user_id,type)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `user_auth_perms`
-@@ -2583,7 +2583,7 @@
-   user_id mediumint(8) unsigned NOT NULL default '0',
-   PRIMARY KEY  (realm_id,user_id),
-   KEY user_id (user_id)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `user_auth_realm`
-@@ -2619,7 +2619,7 @@
-   ip varchar(40) NOT NULL default '',
-   PRIMARY KEY  (username,user_id,time),
-   KEY username (username)
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `user_log`
-@@ -2632,7 +2632,7 @@
- 
- CREATE TABLE version (
-   cacti char(20) default NULL
--) TYPE=MyISAM;
-+) ENGINE=MyISAM;
- 
- --
- -- Dumping data for table `version`
diff --git a/cacti.spec b/cacti.spec
index 2700368..a84fd55 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -1,6 +1,6 @@
 Name: cacti
-Version: 0.8.7g
-Release: 3%{?dist}
+Version: 0.8.7h
+Release: 1%{?dist}
 Summary: An rrd based graphing tool
 
 Group: Applications/System
@@ -11,7 +11,6 @@ Source0: http://www.cacti.net/downloads/%{name}-%{version}.tar.gz
 Source1: cacti-httpd.conf
 Source2: cacti.logrotate
 Source3: cacti.README.Fedora
-Patch0:  cacti-0.8.7g-mysql55-type.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -32,8 +31,6 @@ used to creating traffic graphs with MRTG.
 %prep
 %setup -q
 
-%patch0 -p0
-
 echo "#*/5 * * * *	cacti	%{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
 
 %install
@@ -108,6 +105,10 @@ fi
 %attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
 
 %changelog
+* Thu Oct 27 2011 Ken Dreyer <ktdreyer@ktdreyer.com> - 0.8.7h-1
+- New upstream release.
+- Remove upstream'd mysql patch.
+
 * Mon Aug 08 2011 Jon Ciesla <limb@jcomserv.net> - 0.8.7g-3
 - Patch for MySQL 5.5, BZ 728513.
 
diff --git a/sources b/sources
index a5cc6f8..eb40192 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-268421cb1a58d3444f7ecbddb4c4b016  cacti-0.8.7g.tar.gz
+58c9371341f49a190ae11a85118e598d  cacti-0.8.7h.tar.gz