rpms/cacti
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
130 Commits 1 Branch 0 Tags 370 KiB
068065e6ac
Commit Graph

102 Commits

Author SHA1 Message Date
Ken Dreyer
068065e6ac update %changelog for unresolved CVE-2014-2327 
CVE-2014-2327, missing CSRF token, is not yet resolved. It is still
tracked at RHBZ #1082122.

Tony Roman <troman@cacti.net> wrote at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768:

  "As for CVE-2014-2327 Cross Site Request Forgery Vulnerability, I'm still
  working on a solution.  I have some limited time this weekend to work on
  this fix.  But I will be on the west coast for business this next week
  and will have time at night to work on this fix."
 2014-04-07 19:10:14 -05:00
Ken Dreyer
e04c03e57b patchs for CVEs 
- Patch for CVE-2014-2708 SQL injection issues in graph_xport.php
  (RHBZ #1084258)
- Patch for CVE-2014-2709 shell escaping issues in lib/rrd.php
  (RHBZ #1084258)
- Patch for CVE-2014-2326 stored XSS attack (RHBZ #1082122)
- Patch for CVE-2014-2327 missing CSRF token (RHBZ #1082122)
- Patch for CVE-2014-2328 use of exec-like function calls without safety
  checks allow arbitrary command execution (RHBZ #1082122)
 2014-04-07 18:59:02 -05:00
Ken Dreyer
3badc5cd12 cron and systemd adjustments 
- Move cron to a separate file, and require crontabs (RHBZ #947047).
- Update for systemd (RHBZ #947047).

Thanks Jóhann B. Guðmundsson <johannbg@fedoraproject.org> for both
fixes.

- Replace tab with spaces to satisfy rpmlint.
 2014-02-06 21:43:15 -07:00
Ken Dreyer
88983c1129 correct my email address in %changelog 
Not sure how I could have missed that one...
 2014-01-15 18:44:05 -07:00
Ken Dreyer
b0f42c247c fix comments in thumbnails (BZ #1004550) 2013-09-08 15:09:23 -06:00
Ken Dreyer
fa1f26bd89 Patch for CVE-2013-5588 and CVE-2013-5589 
See RHBZ #1000860
 2013-08-27 16:37:48 -06:00
Ken Dreyer
8f7fb93344 update to cacti 0.8.8b (BZ #993042) 2013-08-07 10:54:40 -06:00
Ken Dreyer
98a77a5ffd use %{_pkgdocdir} 
Use %{_pkgdocdir}, per
https://fedoraproject.org/wiki/Changes/UnversionedDocdirs
 2013-07-29 09:35:39 -06:00
Ken Dreyer
a072f796b9 cacti-0.8.8a-8 2013-07-14 15:45:36 -06:00
Ken Dreyer
679597de71 rpmlint fixes 
- Remove macros from comments
- Add empty %build
- Trim changelog (removes several bogus calendar dates)
 2013-07-14 15:44:20 -06:00
Ken Dreyer
2f786b81b3 use improved treeview replacement patch (RHBZ #888207) 2013-07-14 15:37:56 -06:00
Dennis Gilmore
83475f1909 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild 2013-02-13 12:12:04 -06:00
Ken Dreyer
d6dd104212 bump release to -6 (missed in previous commit) 2013-01-08 11:09:02 -07:00
Ken Dreyer
2562be05a2 add net-snmp-utils dependency, and doc updates 
- Add note to README.fedora about the default MySQL password
- Remove reference to "docs/INSTALL" in README.fedora (RHBZ #893122)
- Add dependency on net-snmp-utils (RHBZ #893150)
 2013-01-08 11:04:22 -07:00
Ken Dreyer
7b883b2ad6 Install our README file as README.fedora 2013-01-04 15:02:21 -07:00
Tom Callaway
07bcd801e7 remove non-free treeview bits (replace with jquery future code from 0.8.9 trunk) 2013-01-04 16:20:06 -05:00
Dennis Gilmore
e000f43027 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild 2012-07-18 13:32:12 -05:00
Ken Dreyer
08df79d670 Add plugins directory (BZ #834355) 
- Drop Fedora 15 (EOL) from logrotate syntax adjustment
 2012-06-28 07:30:31 -06:00
Ken Dreyer
51c056ef13 New upstream release (BZ #817506) 
- Drop upstreamed $url_path patch
 2012-04-30 11:08:11 -06:00
Ken Dreyer
77c72073c0 Patch $url_path to default to "/cacti/" (upstream bug 2217) 2012-04-11 13:15:13 -06:00
Ken Dreyer
12e71f16d6 Adjust httpd ACL conditionals to test the presence of mod_authz_core 
(as discussed on fedora-devel)
 2012-04-06 09:59:08 -06:00
Ken Dreyer
99b73ddc76 version 0.8.8 2012-04-04 08:03:42 -06:00
Ken Dreyer
13cc69b855 New upstream release (BZ #809753). 2012-04-04 08:01:37 -06:00
Ken Dreyer
596e3b76f5 Adjust ACLs to support httpd 2.4. 2012-03-26 20:14:52 -06:00
Dennis Gilmore
ce61e26e6b - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild 2012-01-12 17:00:08 -06:00
Ken Dreyer
5e3850df61 conditionally set "su" logrotate parameter 
Also, correct that pesky changelog date.
 2011-12-13 09:31:24 -07:00
Ken Dreyer
6e9a19a762 Document RH bugzilla entry for 0.8.7i 2011-12-12 08:01:54 -07:00
Ken Dreyer
ee43a40ca0 update to 0.8.7i 2011-12-12 07:56:41 -07:00
Ken Dreyer
0b76934562 correct changelog date 2011-11-11 09:18:00 -07:00
Ken Dreyer
0cbd12b67a add forgotten changelog entries 
These changes were made in 236450ca and 75b8883b, but not recored in the RPM changelog.
 2011-11-11 09:02:26 -07:00
Ken Dreyer
77ee32e40c update logrotate to use su (#753079) 2011-11-11 08:55:46 -07:00
Ken Dreyer
8647659f14 rm another merge artifact 2011-10-27 12:52:10 -06:00
Ken Dreyer
89f0d5e3cd Merge branch 'el5' 2011-10-27 12:41:55 -06:00
Ken Dreyer
3336efd173 Merge branch 'master' into el5 
Conflicts:
	.gitignore
	cacti.spec
 2011-10-27 12:37:56 -06:00
Ken Dreyer
ea94628ff0 Merge branch 'master' into el4 
Conflicts:
	.gitignore
	cacti.spec
	sources
 2011-10-27 12:32:41 -06:00
Ken Dreyer
355ddffde4 update to 0.8.7h 2011-10-27 12:17:56 -06:00
Ken Dreyer
d154b2d79a update to 0.8.7h 
Update to latest upstream.
Symlink for /usr/share/cacti/cli is needed for the upgrade process.
RHBZ #748451
 2011-10-24 09:10:32 -06:00
Jon Ciesla
95142bf2bb MySQL 5.5 fix. 2011-08-08 11:41:48 -05:00
Ken Dreyer
49c521fe5b properly bump release 
Bump the digit after the dist tag, per the Fedora packaging guidelines.
Probably doesn't matter much for EPEL, since upgrades from EL5 -> EL6
are not supported, but hey, might as well be consistent.
 2011-05-26 23:10:19 -06:00
Ken Dreyer
ed8c11ac6a bump release for koji (#690581) 2011-05-26 20:58:10 -06:00
Dennis Gilmore
b91eebdb1f - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-08 00:18:33 -06:00
Mike McGrath
cea46448e7 Upstream released new version 2010-07-12 15:31:03 +00:00
Mike McGrath
e878653a25 Upstream released new version 2010-07-12 15:31:02 +00:00
Mike McGrath
c7b26ec599 Upstream released new version 2010-07-12 15:12:37 +00:00
Mike McGrath
254407a910 Upstream released new version (has security fixes) 2010-05-24 15:57:00 +00:00
Mike McGrath
0074e74e21 Upstream released new version (has security fixes) 2010-05-24 15:56:59 +00:00
Mike McGrath
5bb5c03660 upstream released new version 2010-05-24 14:33:00 +00:00
Mike McGrath
a3f509ae41 fixing sql injection issues - 585207 2010-04-23 13:54:05 +00:00
Mike McGrath
65fa7122f4 fixing sql injection issues - 585207 2010-04-23 13:54:04 +00:00
Mike McGrath
6bb9be2c27 Adding official patch to fix sql vulnerability 2010-04-23 13:43:21 +00:00