Release of Cacti 0.8.8d

Important information about Cacti developments that all users should be interested in.

Moderators: Moderators, Developers

Locked
Author
Message
User avatar
rony
Developer/Forum Admin
Posts: 6016
Joined: Mon Nov 17, 2003 6:35 pm
Location: Michigan, USA
Contact:

Release of Cacti 0.8.8d

#1 Post by rony » Tue Jun 09, 2015 9:10 pm

Release of Cacti 0.8.8d

We the Cacti Group are proud to release the following:
  • Cacti 0.8.8d
  • Spine 0.8.8d
Important Security Fixes
  • Multiple XSS and SQL injection vulerabilities
Cacti 0.8.8d Change Log
  • bug: Fixed SQL injection VN: JVN#78187936 / TN:JPCERT#98968540
  • bug#0002261: PHP 5.4.0 added new error_reporting variable, causing cacti to show errors
  • bug#0002391: Odd Behaviour on ReIndex of Data Query Data
  • bug#0002393: Broken thumbnail images for graph templates
  • bug#0002402: Subtree must not have the same header as the parent header
  • bug#0002474: CLI add_device.php dows not set availability_method correctly
  • bug#0002449: The Save button does not work: Invalid html on page Console -> Cacti Settings: empty form tag
  • bug#0002428: Fail to delete all data input items when removing more than 1000 data sources
  • bug#0002439: Password with special character don't work with LDAP authentication
  • bug#0002461: invalid bn with ldap and anonymous bind
  • bug#0002465: Graph Export return empty CSV file
  • bug#0002484: Incorrect SQL request in cli script repair_database.php
  • bug#0002485: Broken pagenation on graph viewing
  • bug#0002489: SNMP - Get Mounted Partitions using Re-index method of Index Count Changed causes recache event every time
  • bug#0002490: Can not select page for multiple datasources per device
  • bug#0002494: CSV export always shows last day
  • bug#0002504: Data template search not functional
  • bug#0002542: [FG-VD-15-017] Cacti Cross-Site Scripting Vulnerability Notification
  • bug#0002543: Unable to switch pages within graphs_new.php due to invalid URL generation
  • bug#0002544: Duplicate entry in $nav_url during list view
  • bug#0002571: SQL Injection and Location header injection from cdef id CVE-2015-4342
  • bug#0002572: SQL injection in graph templates
Reporting Bugs

http://www.cacti.net/bugs.php

Download Cacti

http://www.cacti.net/download_cacti.php

Download Spine

http://www.cacti.net/spine_download.php

Thanks!
The Cacti Group
[size=117][i][b]Tony Roman[/b][/i][/size]
[size=84][i]Experience is what causes a person to make new mistakes instead of old ones.[/i][/size]
[size=84][i]There are only 3 way to complete a project: Good, Fast or Cheap, pick two.[/i][/size]
[size=84][i]With age comes wisdom, what you choose to do with it determines whether or not you are wise.[/i][/size]

Locked