Release of Cacti 0.8.8e

Important information about Cacti developments that all users should be interested in.

Moderators: Moderators, Developers

User avatar
Developer/Forum Admin
Posts: 6016
Joined: Mon Nov 17, 2003 6:35 pm
Location: Michigan, USA

Release of Cacti 0.8.8e

#1 Post by rony » Sun Jul 12, 2015 8:39 pm

Release of Cacti 0.8.8e

We the Cacti Group are proud to release the following and respectfully ask forgiveness for the disaster release 0.8.8d was...
  • Cacti 0.8.8e
  • Spine 0.8.8e
Important Security Fixes
  • Multiple XSS and SQL injection vulnerabilities
  • CVE-2015-4634 - SQL injection in graphs.php
Cacti 0.8.8e Change Log
  • bug: Fixed issue with graph zooming failing to work
  • bug: Fixed various SQL Injection vectors
  • bug#0002569: Impossible to have a URL pointing directly to a graph
  • bug#0002574: SQL Injection Vulnerabilities in graph items and graph template items
  • bug#0002577: CVE-2015-4634 - SQL injection in graphs.php
  • bug#0002579: SQL Injection Vulnerabilities in data sources
  • bug#0002580: SQL Injection in cdef.php
  • bug#0002582: SQL Injection in data_templates.php
  • bug#0002583: SQL Injection in graph_templates.php
  • bug#0002584: SQL Injection in host_templates.php
  • bug#0002586: Cannot delete data sources from the GUI
  • bug#0002592: graph_view.php - viewing host in new tab - Undefined index: nodeid
  • bug#0002594: status_fail_date and status_rec_date are set incorrectly after host is marked down
  • bug#0002597: Incorrect value in Hosts column on Host Templates page
  • bug#0002598: Incorrect row number in Devices -> (Edit) page
Reporting Bugs

Download Cacti

Download Spine

The Cacti Group
[size=117][i][b]Tony Roman[/b][/i][/size]
[size=84][i]Experience is what causes a person to make new mistakes instead of old ones.[/i][/size]
[size=84][i]There are only 3 way to complete a project: Good, Fast or Cheap, pick two.[/i][/size]
[size=84][i]With age comes wisdom, what you choose to do with it determines whether or not you are wise.[/i][/size]