Commit Graph

130 Commits

Author SHA1 Message Date
Ken Dreyer
068065e6ac update %changelog for unresolved CVE-2014-2327
CVE-2014-2327, missing CSRF token, is not yet resolved. It is still
tracked at RHBZ #1082122.

Tony Roman <troman@cacti.net> wrote at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768:

  "As for CVE-2014-2327 Cross Site Request Forgery Vulnerability, I'm still
  working on a solution.  I have some limited time this weekend to work on
  this fix.  But I will be on the west coast for business this next week
  and will have time at night to work on this fix."
2014-04-07 19:10:14 -05:00
Ken Dreyer
e04c03e57b patches for CVEs
- Patch for CVE-2014-2708 SQL injection issues in graph_xport.php
  (RHBZ #1084258)
- Patch for CVE-2014-2709 shell escaping issues in lib/rrd.php
  (RHBZ #1084258)
- Patch for CVE-2014-2326 stored XSS attack (RHBZ #1082122)
- Patch for CVE-2014-2327 missing CSRF token (RHBZ #1082122)
- Patch for CVE-2014-2328 use of exec-like function calls without safety
  checks allows arbitrary command execution (RHBZ #1082122)
2014-04-07 18:59:02 -05:00
Ken Dreyer
3badc5cd12 cron and systemd adjustments
- Move cron to a separate file, and require crontabs (RHBZ #947047).
- Update for systemd (RHBZ #947047).

Thanks Jóhann B. Guðmundsson <johannbg@fedoraproject.org> for both
fixes.

- Replace tab with spaces to satisfy rpmlint.
2014-02-06 21:43:15 -07:00
Ken Dreyer
88983c1129 correct my email address in %changelog
Not sure how I could have missed that one...
2014-01-15 18:44:05 -07:00
Ken Dreyer
b0f42c247c fix comments in thumbnails (BZ #1004550) 2013-09-08 15:09:23 -06:00
Ken Dreyer
fa1f26bd89 Patch for CVE-2013-5588 and CVE-2013-5589
See RHBZ #1000860
2013-08-27 16:37:48 -06:00
Ken Dreyer
8f7fb93344 update to cacti 0.8.8b (BZ #993042) 2013-08-07 10:54:40 -06:00
Ken Dreyer
98a77a5ffd use %{_pkgdocdir}
Use %{_pkgdocdir}, per
https://fedoraproject.org/wiki/Changes/UnversionedDocdirs
2013-07-29 09:35:39 -06:00
Ken Dreyer
a072f796b9 cacti-0.8.8a-8 2013-07-14 15:45:36 -06:00
Ken Dreyer
679597de71 rpmlint fixes
- Remove macros from comments
- Add empty %build
- Trim changelog (removes several bogus calendar dates)
2013-07-14 15:44:20 -06:00
Ken Dreyer
2f786b81b3 use improved treeview replacement patch (RHBZ #888207) 2013-07-14 15:37:56 -06:00
Ken Dreyer
091a542874 improve security description in cacti's httpd conf (RHBZ #895823) 2013-07-14 15:37:44 -06:00
Dennis Gilmore
83475f1909 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild 2013-02-13 12:12:04 -06:00
Ken Dreyer
d6dd104212 bump release to -6 (missed in previous commit) 2013-01-08 11:09:02 -07:00
Ken Dreyer
2562be05a2 add net-snmp-utils dependency, and doc updates
- Add note to README.fedora about the default MySQL password
- Remove reference to "docs/INSTALL" in README.fedora (RHBZ #893122)
- Add dependency on net-snmp-utils (RHBZ #893150)
2013-01-08 11:04:22 -07:00
Ken Dreyer
7b883b2ad6 Install our README file as README.fedora 2013-01-04 15:02:21 -07:00
Ken Dreyer
40b655a3bb Merge branch 'f18' 2013-01-04 15:00:36 -07:00
Tom Callaway
4565a5415c helps when you commit the patches 2013-01-04 16:43:56 -05:00
Tom Callaway
abf8431774 helps when you commit the patches 2013-01-04 16:42:49 -05:00
Tom Callaway
07bcd801e7 remove non-free treeview bits (replace with jquery future code from 0.8.9 trunk) 2013-01-04 16:20:06 -05:00
Tom Callaway
93f833c290 remove non-free treeview bits (replace with jquery future code from 0.8.9 trunk) 2013-01-04 16:17:28 -05:00
Dennis Gilmore
e000f43027 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild 2012-07-18 13:32:12 -05:00
Ken Dreyer
08df79d670 Add plugins directory (BZ #834355)
- Drop Fedora 15 (EOL) from logrotate syntax adjustment
2012-06-28 07:30:31 -06:00
Ken Dreyer
51c056ef13 New upstream release (BZ #817506)
- Drop upstreamed $url_path patch
2012-04-30 11:08:11 -06:00
Ken Dreyer
77c72073c0 Patch $url_path to default to "/cacti/" (upstream bug 2217) 2012-04-11 13:15:13 -06:00
Ken Dreyer
12e71f16d6 Adjust httpd ACL conditionals to test the presence of mod_authz_core
(as discussed on fedora-devel)
2012-04-06 09:59:08 -06:00
Ken Dreyer
99b73ddc76 version 0.8.8 2012-04-04 08:03:42 -06:00
Ken Dreyer
13cc69b855 New upstream release (BZ #809753). 2012-04-04 08:01:37 -06:00
Ken Dreyer
596e3b76f5 Adjust ACLs to support httpd 2.4. 2012-03-26 20:14:52 -06:00
Dennis Gilmore
ce61e26e6b - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild 2012-01-12 17:00:08 -06:00
Ken Dreyer
5e3850df61 conditionally set "su" logrotate parameter
Also, correct that pesky changelog date.
2011-12-13 09:31:24 -07:00
Ken Dreyer
0132c8f8b0 tweak mod_security rules
Unfortunately, when Apache includes conf.d/*, the "c" in cacti.conf
comes before "m" in mod_security.conf. This means we can't use the
IfModule directive here to detect the installation of mod_security.

Remove the IfModule section, and just provide instructions to users.
Users will have to manually un-comment the two mod_security overrides.
(Better than nothing.)
2011-12-12 11:42:24 -07:00
Ken Dreyer
6e9a19a762 Document RH bugzilla entry for 0.8.7i 2011-12-12 08:01:54 -07:00
Ken Dreyer
ee43a40ca0 update to 0.8.7i 2011-12-12 07:56:41 -07:00
Ken Dreyer
0b76934562 correct changelog date 2011-11-11 09:18:00 -07:00
Ken Dreyer
0cbd12b67a add forgotten changelog entries
These changes were made in 236450ca and 75b8883b, but not recorded in the RPM changelog.
2011-11-11 09:02:26 -07:00
Ken Dreyer
77ee32e40c update logrotate to use su (#753079) 2011-11-11 08:55:46 -07:00
Ken Dreyer
75b8883bd9 add mod_security overrides
mod_security blocks a cacti upgrade procedure. Override and document
the two rules that cause problems. This could probably be tightened
down to apply only to the "install" directory.
2011-10-27 20:52:18 -06:00
Ken Dreyer
236450cab3 block HTTP access to log and rra directories (BZ #609856) 2011-10-27 16:46:35 -06:00
Ken Dreyer
8647659f14 rm another merge artifact 2011-10-27 12:52:10 -06:00
Ken Dreyer
f2fab19e54 rm merge artifacts
These files were an artifact of merging all the branches
together in git.
2011-10-27 12:45:24 -06:00
Ken Dreyer
fe9c79ca92 Merge branch 'el6' 2011-10-27 12:41:57 -06:00
Ken Dreyer
89f0d5e3cd Merge branch 'el5' 2011-10-27 12:41:55 -06:00
Ken Dreyer
c70dd17de2 Merge branch 'master' into el6
Conflicts:
	.gitignore
	cacti.spec
	sources
2011-10-27 12:40:14 -06:00
Ken Dreyer
3336efd173 Merge branch 'master' into el5
Conflicts:
	.gitignore
	cacti.spec
2011-10-27 12:37:56 -06:00
Ken Dreyer
ea94628ff0 Merge branch 'master' into el4
Conflicts:
	.gitignore
	cacti.spec
	sources
2011-10-27 12:32:41 -06:00
Ken Dreyer
355ddffde4 update to 0.8.7h 2011-10-27 12:17:56 -06:00
Ken Dreyer
d154b2d79a update to 0.8.7h
Update to latest upstream.
Symlink for /usr/share/cacti/cli is needed for the upgrade process.
RHBZ #748451
2011-10-24 09:10:32 -06:00
Jon Ciesla
95142bf2bb MySQL 5.5 fix. 2011-08-08 11:41:48 -05:00
Ken Dreyer
49c521fe5b properly bump release
Bump the digit after the dist tag, per the Fedora packaging guidelines.
Probably doesn't matter much for EPEL, since upgrades from EL5 -> EL6
are not supported, but hey, might as well be consistent.
2011-05-26 23:10:19 -06:00