Cacti (home)ForumsRepositoryDocumentation
Cacti: offical forums and support
It is currently Fri Oct 31, 2014 4:02 am

All times are UTC - 5 hours




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: post-0.8.8b release?
PostPosted: Thu Aug 08, 2013 4:45 pm 
Offline

Joined: Mon Sep 08, 2008 2:38 am
Posts: 9
The Red Hat Security Response Team pointed out to me that the fix for CVE-2013-1435 caused a regression (functionality broke). https://bugzilla.redhat.com/994616#c5

Should we expect a 0.8.8c with these fixes?

http://svn.cacti.net/viewvc?view=rev&revision=7408
http://svn.cacti.net/viewvc?view=rev&revision=7409
http://svn.cacti.net/viewvc?view=rev&revision=7413


Top
 Profile  
 
 Post subject: Re: post-0.8.8b release?
PostPosted: Fri Aug 09, 2013 12:42 am 
Offline
Developer
User avatar

Joined: Thu Feb 20, 2003 10:16 am
Posts: 1591
Location: Canada
Yes. Already discussed today.

_________________
--
Live fast, die young
You're sucking up my bandwidth.

J.P. Pasnak,CD
CCNA, LPIC-1
http://www.warpedsystems.sk.ca


Top
 Profile  
 
 Post subject: Re: post-0.8.8b release?
PostPosted: Fri Aug 09, 2013 2:53 pm 
Offline
Developer
User avatar

Joined: Thu Dec 02, 2004 2:46 am
Posts: 22461
Location: Muenster, Germany
And solution posted to
- cacti mailing list
- bug tracker
- this forum

The suggested solution would have inherited the original CVE complaint.
The posted solution is not vulnerable to this problem
R.

_________________
Official Cacti Documentation
Official Debugging Help
Central Plugin Repository
Central Templates Repository


Top
 Profile  
 
 Post subject: Re: post-0.8.8b release?
PostPosted: Fri Aug 16, 2013 5:34 pm 
Offline

Joined: Mon Sep 08, 2008 2:38 am
Posts: 9
Which forum post are you referring to? (Is it the one titled "Cacti 0.8.8b Preview Mode Graphs bug", currently at http://forums.cacti.net/viewtopic.php?f=21&t=50645 ?)

Similarly, what is the bug number in Mantis? I tried looking through the newest bug reports, but I couldn't find anything related to this. Please pardon my ignorance.

I can carry patch(es) in the RPM if absolutely necessary, but it would be great to get this fixed in an official 0.8.8c tarball.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

Protected by Anti-Spam ACP Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group