Ubuntu
cacti package

Change log for cacti package in Ubuntu

175 of 150 results FirstPreviousLast
Published in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
cacti (1.2.26+ds1-1) unstable; urgency=medium

  * postinst/postrm: ensure DEBHELPER content is always run
  * New upstream version 1.2.26+ds1
    Fixes the following vulnerabilities: CVE-2023-49084, CVE-2023-49085,
    CVE-2023-49086, CVE-2023-49088 CVE-2023-46490, CVE-2023-51448 and
    CVE-2023-50250 (Closes: #1059254, #1059286)
  * font-awesom-path.patch: refresh
  * Depends on node-dompurify and link purify.js instead of using upstream
    vendored version

 -- Paul Gevers <email address hidden>  Sun, 24 Dec 2023 21:46:33 +0100

Available diffs

Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
cacti (1.2.25+ds1-2) unstable; urgency=medium

  * change upstream CHANGELOG logic to accommodate Ubuntu FTBFS
  * Update Vcs to point at Debian namespace to invite others

 -- Paul Gevers <email address hidden>  Thu, 21 Sep 2023 12:56:55 +0200
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
cacti (1.2.24+ds1-1ubuntu1) lunar; urgency=medium

  * Make /usr/share/doc/cacti/changelog a symlink to
    /usr/share/cacti/site/CHANGELOG instead of the
    other way around to avoid FTBFS in Ubuntu

 -- Graham Inggs <email address hidden>  Fri, 24 Mar 2023 05:26:56 +0000
Superseded in lunar-proposed 
cacti (1.2.24+ds1-1) unstable; urgency=medium

  * New upstream version 1.2.24+ds1
  * Refresh patches

 -- Paul Gevers <email address hidden>  Wed, 01 Mar 2023 22:06:58 +0100

Available diffs

Superseded in lunar-proposed 
cacti (1.2.23+ds1-2) unstable; urgency=medium

  * d/rules: fix for new 'file' behavior (Closes: #1028764)
  * Adapt for changes in php-phpmyadmin-motranslator (Closes: #1028141)
  * d/rules: don't compress CHANGELOG symlink
  * tests: several improvement + re-add my own old check-all-pages

 -- Paul Gevers <email address hidden>  Thu, 19 Jan 2023 10:30:29 +0100

Available diffs

Superseded in lunar-proposed 
cacti (1.2.23+ds1-1) unstable; urgency=medium

  * New upstream version 1.2.23+ds1
  * Refresh patches + drop patches from upstream
  * Install all templates during first install instead of only the ones
    from 2017
  * Fix upstream issue #5127: importing templates fails
  * Adapt check_all_pages testing to upstream changes by simplifying
    Debian changes
  * Fix ui-state-default color in classical theme (Closes: #972947)
  * Drop apache2.2 support (only in oldoldoldstable by now)
  * Drop debian/NEWS as it's old
  * Update and add several lintian overrides
  * Don't load external images in documentation to prevent privacy breach:
    remove-external-images.patch

 -- Paul Gevers <email address hidden>  Thu, 05 Jan 2023 10:25:44 +0100

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
cacti (1.2.22+ds1-3) unstable; urgency=medium

  [ Athos Ribeiro ]
  * Update installing guides for NO_AUTO_CREATE_USER

  [ Paul Gevers ]
  * Add 7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216.patch to fix
    CVE-2022-46169 (Closes: #1025648)
  * Update debian.php.dist for the fix above to incorporate the
    configuration changes in the package defaults

 -- Paul Gevers <email address hidden>  Tue, 06 Dec 2022 22:16:33 +0100
Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
cacti (1.2.20+ds1-2ubuntu1) kinetic; urgency=medium

  * Merge with Debian unstable (LP: #1972833). Remaining changes:
    - General installing instructions update for NO_AUTO_CREATE_USER.
    - Use new dbconfig "dbc_authplugin" variable to mitigate MySQL 8 issues.

 -- Athos Ribeiro <email address hidden>  Tue, 10 May 2022 10:03:33 -0300
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
cacti (1.2.19+ds1-2ubuntu1) jammy; urgency=medium

  * Merge with Debian unstable. (LP: #1964653)
    Remaining changes:
    - General installing instructions update for NO_AUTO_CREATE_USER.
    - Use new dbconfig "dbc_authplugin" variable to mitigate MySQL 8 issues.

 -- Bryce Harrington <email address hidden>  Thu, 10 Mar 2022 18:27:38 -0800
Superseded in jammy-release
Obsolete in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
cacti (1.2.16+ds1-2ubuntu1) hirsute; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - General installing instructions update for NO_AUTO_CREATE_USER.
    - Use new dbconfig "dbc_authplugin" variable to mitigate MySQL 8 issues.
  * Dropped:
    - d/p/fix-32bit-ip-conversion.patch: fix netmask generation on 32bit
      architectures (LP #1865067)
      [Fixed in 1.2.11]
    - d/p/0001-PHP-7.4-Array-and-string-offset-access-syntax-with-c.patch
      + Fix deprecated curly bracket style syntax
      [Fixed in 1.2.11]

 -- Bryce Harrington <email address hidden>  Wed, 20 Jan 2021 12:17:39 -0800
Superseded in hirsute-release
Obsolete in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
cacti (1.2.10+ds1-1ubuntu1) focal; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - General installing instructions update for NO_AUTO_CREATE_USER.
      (refreshed when merging with debian 1.2.9+ds1-1)
    - Use new dbconfig "dbc_authplugin" variable to mitigate MySQL 8 issues.
      (refreshed when merging with debian 1.2.9+ds1-1)
    - d/p/fix-32bit-ip-conversion.patch: fix netmask generation on 32bit
      architectures (LP #1865067)
  * d/p/0001-PHP-7.4-Array-and-string-offset-access-syntax-with-c.patch
    - Fix deprecated curly bracket style syntax

 -- Bryce Harrington <email address hidden>  Mon, 23 Mar 2020 22:08:43 +0000
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
cacti (1.2.9+ds1-1ubuntu2) focal; urgency=medium

  * d/p/fix-32bit-ip-conversion.patch: fix netmask generation on 32bit
    architectures (LP: #1865067)

 -- Andreas Hasenack <email address hidden>  Mon, 02 Mar 2020 14:52:15 -0300
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
cacti (1.2.9+ds1-1ubuntu1) focal; urgency=medium

  * Merge with Debian unstable (LP: #1863739). Remaining changes:
    - General installing instructions update for NO_AUTO_CREATE_USER.
    - Use new dbconfig "dbc_authplugin" variable to mitigate MySQL 8 issues.
  * Dropped changes [upstream]:
    - MySQL 8 change needs: NO_AUTO_CREATE_USER and grouping keyword.
  * Dropped changes [debian]:
    - Replace php-php-gettext dependency in order to fix translations
      (LP #1844070)
Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to Release) 
cacti (1.2.4+ds1-2ubuntu3) eoan; urgency=medium

  * Replace php-php-gettext dependency in order to fix translations
    (LP: #1844070)

 -- Graham Inggs <email address hidden>  Thu, 19 Sep 2019 10:30:52 +0000
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
cacti (1.2.4+ds1-2ubuntu2) eoan; urgency=medium

  * Fix CREATE FUNCTION errors if binary logging is enabled:
    - d/p/MySQL-8-change-needs-NO_AUTO_CREATE_USER_and_groupin.patch
    - d/cacti.admin.sql
    - d/cacti.admin.rm.sql

 -- Rafael David Tinoco <email address hidden>  Fri, 09 Aug 2019 06:10:31 +0000
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
cacti (1.2.4+ds1-2ubuntu1) eoan; urgency=medium

  * Fixes for MySQL upstream updates. (Closes: #933683)
    - General installing instructions update for NO_AUTO_CREATE_USER.
    - Use new dbconfig "dbc_authplugin" variable to mitigate MySQL 8 issues.
    - Debian Instructions have to contain workaround for NO_AUTO_CREATE_USER.

 -- Rafael David Tinoco <email address hidden>  Thu, 08 Aug 2019 09:42:54 -0300
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
cacti (1.2.4+ds1-2) unstable; urgency=medium

  * tests: add new IMPORT messages to ignore filter

 -- Paul Gevers <email address hidden>  Mon, 15 Jul 2019 19:33:58 +0200
Superseded in eoan-proposed 
cacti (1.2.4+ds1-1) unstable; urgency=medium

  * New upstream release 1.2.4
    - Fixed upgrade script (Closes: #931702)
    - Fixed snmp gauges (Closes: #930254)
  * Depends i.s.o. Recommends on php-gmp (Closes: #930252)
  * Drop dependency on php-php-gettext as it is optional for cacti and it's
    going to be removed due to CVE-2016-6175
  * Refresh patches
  * Update d/debian.php.dist with changes in include/config.php

 -- Paul Gevers <email address hidden>  Sun, 14 Jul 2019 21:33:08 +0200
Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
cacti (1.2.2+ds1-2) unstable; urgency=medium

  * Add 0001-Resolving-Issue-2581.patch from upstream (Closes: #926700)
    CVE-2019-11025: In clearFilter() in utilities.php no escaping occurs
    before printing out the value of the SNMP community string (SNMP
    Options) in the View poller cache, leading to XSS.

 -- Paul Gevers <email address hidden>  Tue, 09 Apr 2019 20:42:38 +0200

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
cacti (1.2.2+ds1-1) unstable; urgency=medium

  * New upstream release 1.2.2
  * tests: add one more exception for Ubuntu (Closes: #922437)
  * Depend on fonts-fork-awesome instead of fonts-font-awesome (Closes:
    #922779)
  * Fix typo in debian.php.dist (Closes: #922651)

 -- Paul Gevers <email address hidden>  Tue, 26 Feb 2019 21:48:07 +0100

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
cacti (1.2.1+ds1-2) unstable; urgency=medium

  * tests: add some items back that are seen on Ubuntu's setup
  * Migrate from libjs-chartjs to libjs-chart.js due to bug #922288

 -- Paul Gevers <email address hidden>  Thu, 14 Feb 2019 10:19:02 +0100
Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
cacti (1.2.1+ds1-1ubuntu1) disco; urgency=medium

  * d/t/check-all-pages: exclude from the cacti log messages about system
    stats and the network scanner, which can show up depending on how long
    this test takes to run. (LP: #1814097)

 -- Andreas Hasenack <email address hidden>  Thu, 31 Jan 2019 11:44:23 -0200
Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
cacti (1.2.1+ds1-1) unstable; urgency=medium

  * New upstream release 1.2.1
    - spikekiller is now a class (Closes: #916814)
  * Upload to unstable
  * Bump dependency on libphp-phpmailer
  * Bump Standards (no changes)
  * Declare R³: binary-targets (Thanks lintian)

 -- Paul Gevers <email address hidden>  Sun, 27 Jan 2019 21:22:59 +0100

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
cacti (1.1.38+ds1-2) unstable; urgency=medium

  * [tests] Adapt for MariaDB 10.3 which triggers a new message in the
    log that doesn't seem to result in different output otherwise
  * [tests] Add mysql-server test back but with
    skip-not-installable. Debian has mariadb-server as
    default-mysql-server so we definitely want to test that. Ubuntu has
    mysql-server, so we also want to test that, but that isn't in
    testing. (Closes: #903238)

 -- Paul Gevers <email address hidden>  Thu, 27 Dec 2018 20:33:59 +0100
Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
cacti (1.1.38+ds1-1ubuntu1) cosmic; urgency=medium

  * Use default-mysql-server for tests rather than specifying a particular
    implementation.

 -- Steve Langasek <email address hidden>  Fri, 06 Jul 2018 15:40:32 -0700
Superseded in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
cacti (1.1.38+ds1-1) unstable; urgency=medium

  * New upstream release 1.1.38
  * [tests] Remove mysql-server test as it isn't available in testing

 -- Paul Gevers <email address hidden>  Wed, 18 Apr 2018 12:03:05 +0200
Superseded in bionic-proposed 
cacti (1.1.37+ds1-1) unstable; urgency=medium

  * New upstream release 1.1.37
  * CVE-2018-10059: (XSS) the get_current_page function in
    lib/functions.php relies on $_SERVER['PHP_SELF'] instead of
    $_SERVER['SCRIPT_NAME'] to determine a page name
  * CVE-2018-10060: (XSS) does not properly reject unintended characters,
    related to use of the sanitize_uri function in lib/functions.php
  * CVE-2018-10061: (XSS) makes certain htmlspecialchars calls without the
    ENT_QUOTES flag

 -- Paul Gevers <email address hidden>  Thu, 12 Apr 2018 17:43:13 +0200

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
cacti (1.1.36+ds1-1) unstable; urgency=medium

  * New upstream release 1.1.36
    - Refresh patches

 -- Paul Gevers <email address hidden>  Wed, 28 Feb 2018 16:22:50 +0100

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
cacti (1.1.35+ds1-1) unstable; urgency=medium

  * New upstream version 1.1.35
  * [tests] Fix for nofollow directive that prevented recursive crawl
    (Closes: #889893)
  * [tests] Prevent cron job from running
  * Add 0001-issue-1336-Fix-issue-with-config-not-being-defined-1.patch
    from upstream

 -- Paul Gevers <email address hidden>  Tue, 13 Feb 2018 19:26:14 +0100
Superseded in bionic-proposed 
cacti (1.1.34+ds1-1) unstable; urgency=medium

  * New upstream version 1.1.34
    - Includes updates for php7.2 (Closes: #889181)

 -- Paul Gevers <email address hidden>  Tue, 06 Feb 2018 22:31:34 +0100
Superseded in bionic-proposed 
cacti (1.1.31+ds1-1ubuntu2) bionic; urgency=medium

  * d/t/check-all-pages: correct message string.

 -- Nishanth Aravamudan <email address hidden>  Mon, 05 Feb 2018 16:19:36 -0800
Superseded in bionic-proposed 
cacti (1.1.31+ds1-1ubuntu1) bionic; urgency=medium

  * debian/patches/php72_count_bc_changes.patch: PHP7.2 has deprecated
    count() of non-Countable objects.
  * debian/patches/update-cactisql.patch: Update cacti.sql for
    readstring to community change.
  * debian/tests/check-all-pages: add a new expected error message.

 -- Nishanth Aravamudan <email address hidden>  Fri, 02 Feb 2018 08:21:41 -0800
Superseded in bionic-proposed 
cacti (1.1.31+ds1-1) unstable; urgency=medium

  * New upstream version 1.1.31
  * Update autopkgtest for new output since 1.1.29

 -- Paul Gevers <email address hidden>  Wed, 17 Jan 2018 18:50:00 +0100

Available diffs

Superseded in bionic-proposed 
cacti (1.1.30+ds1-1) unstable; urgency=medium

  * New upstream version 1.1.30

 -- Paul Gevers <email address hidden>  Fri, 05 Jan 2018 20:30:47 +0100

Available diffs

Superseded in bionic-proposed 
cacti (1.1.29+ds1-1) unstable; urgency=medium

  * New upstream version 1.1.29
  * Refresh documentation tar ball
  * Drop php-mysqlnd from alternative list of dependencies, it doesn't
    exist
  * Use dh-linktree embed-weakdep option to prevent strong dependencies
    (requires dh-linktree 0.5)

 -- Paul Gevers <email address hidden>  Wed, 27 Dec 2017 20:57:21 +0100

Available diffs

Superseded in bionic-proposed 
cacti (1.1.28+ds1-3) unstable; urgency=medium

  * Rebuild against new version of libjs-jquery-colorpicker (Closes:
    #884756)

 -- Paul Gevers <email address hidden>  Thu, 21 Dec 2017 21:16:13 +0100

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
cacti (1.1.28+ds1-2) unstable; urgency=medium

  * Add remove-global-mysql-command.patch (Closes: #882356)

 -- Paul Gevers <email address hidden>  Fri, 24 Nov 2017 11:07:11 +0100
Superseded in bionic-proposed 
cacti (1.1.28+ds1-1) unstable; urgency=medium

  * New upstream version 1.1.28
    - Drop applied patches
  * [tests] Allow time out to happen in the logs as Ubuntu's autopkgtest
    servers are often too slow

 -- Paul Gevers <email address hidden>  Sun, 19 Nov 2017 21:34:10 +0100

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
cacti (1.1.27+ds1-3) unstable; urgency=medium

  * CVE-2017-16641: remote authenticated administrators can execute
    arbitrary os commands via the path_rrdtool parameter in an action=save
    request to settings.php (Closes: #881110)
  * CVE-2017-16660: remote authenticated administrators can conduct Remote
    Code Execution attacks by placing the Log Path under the web root, and
    then making a remote_agent.php request containing PHP code in a
    Client-ip header
  * CVE-2017-16661: remote authenticated administrators can read arbitrary
    files accessible by the web-server user by placing the Log Path into a
    private directory, and then making a clog.php?filename= request
  * CVE-2017-16785: reflected XSS via the PATH_INFO to host.php
    (reintroduction of CVE-2017-15194)
  * Bump standards to 4.1.1
  * Set Priority to optional

 -- Paul Gevers <email address hidden>  Tue, 14 Nov 2017 20:14:34 +0100

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
cacti (1.1.27+ds1-2) unstable; urgency=medium

  * Add upstream commit b44eb52 as 0001-Another-crack-at-issue-1039.patch
    because they likely reintroduced part of CVE-2017-15194. Thanks to
    autopkgtest

 -- Paul Gevers <email address hidden>  Fri, 27 Oct 2017 14:41:48 +0200

Available diffs

Superseded in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release) 
cacti (1.1.18+ds1-1) unstable; urgency=medium

  * New upstream version 1.1.18
    - Drop patches from upstream and refresh the others
  * Bump standards version to 4.0.1 (no changes)
  * Stop installing csrf/LICENSE file (thanks lintian)

 -- Paul Gevers <email address hidden>  Sat, 19 Aug 2017 18:46:41 +0200

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release) 
cacti (1.1.17+ds1-2) unstable; urgency=medium

  * CVE-2017-12927 XSS vulnerability in spikekill.php (Closes: #872478)
  * [tests] fix grep expression to unblock Ubuntu
  * [tests] Add improve-boost-logging-on-fresh-installs.patch and don't
    filter on the fixed messages
  * Fix typo in previous changelog message

 -- Paul Gevers <email address hidden>  Fri, 18 Aug 2017 21:15:23 +0200
Superseded in artful-proposed 
cacti (1.1.17+ds1-1) unstable; urgency=medium

  * New upstream version 1.1.17
  * Make the autopkgtest strickter now upstream reduced the noise

 -- Paul Gevers <email address hidden>  Wed, 16 Aug 2017 14:04:31 +0200

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release) 
cacti (1.1.16+ds1-1) unstable; urgency=medium

  * New upstream release
    - Fixes CVE-2017-12065 spikekill.php might allow remote attackers to
      execute arbitrary code via the avgnan, outlier-start, or outlier-end
      parameter (Closes: #870353)
    - Fixes CVE-2017-12066 Cross-site scripting (XSS) vulnerability in
      aggregate_graphs.php (Closes: #870354)

 -- Paul Gevers <email address hidden>  Thu, 03 Aug 2017 09:38:54 -0400

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release) 
cacti (1.1.15+ds1-1) unstable; urgency=medium

  * New upstream release
    - Fixes CVE-2017-11691 Cross-site scripting (XSS) vulnerability in
      auth_profile.php (Closes: #869848)
  * Lower the Depends on dbc to include ~ to ease backports

 -- Paul Gevers <email address hidden>  Thu, 27 Jul 2017 10:40:05 -0400

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release) 
cacti (1.1.13+ds1-1) unstable; urgency=medium

  * New upstream release
  * Update documentation from upstream

 -- Paul Gevers <email address hidden>  Fri, 14 Jul 2017 20:37:39 +0200

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release) 
cacti (1.1.12+ds1-1) unstable; urgency=medium

  * New upstream release
  * CVE-2017-10970 XSS vulnerability via link.php fixed (Closes: #867532)
  * Add version to jquery-tablesorter
  * Make sure that autopkgtests at least run again

 -- Paul Gevers <email address hidden>  Fri, 07 Jul 2017 21:07:43 +0200
Superseded in artful-proposed 
cacti (1.1.10+ds1-6) unstable; urgency=medium

  * Fix upgrade script to find the upgrade functions in the Debian file
    layout (Closes: #866773) Thanks to ISHIKAWA Mutsumi
  * Add upgrade code for grant on mysql.time_zone_name
  * Bump version of dbconfig-common to ensure we have the fix for postinst
    code working

 -- Paul Gevers <email address hidden>  Tue, 04 Jul 2017 07:16:45 +0200

Available diffs

Superseded in artful-proposed 
cacti (1.1.10+ds1-5) unstable; urgency=medium

  * Fix piuparts issue where the scripts are changed due to loading the
    template files in the postinst script. See upstream bug #810. (Closes:
    #866140)

 -- Paul Gevers <email address hidden>  Tue, 27 Jun 2017 21:41:26 +0200

Available diffs

Superseded in artful-proposed 
cacti (1.1.10+ds1-4) unstable; urgency=medium

  * Upload to unstable
  * Bump standards version to 4.0.0 (no changes)

 -- Paul Gevers <email address hidden>  Tue, 20 Jun 2017 21:45:13 +0200

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release) 
cacti (0.8.8h+ds1-10) unstable; urgency=medium

  * Fix upgrades from before 0.8.8h+ds1-8; that version started to ship
    symlinks to directories in libjs-jquery-jstree without making sure
    dpkg handled that properly during upgrades (Closes: #861858)

 -- Paul Gevers <email address hidden>  Fri, 05 May 2017 13:55:33 +0200

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release)
Deleted in zesty-proposed (Reason: The package was removed due to its SRU bug(s) not being v...) 
cacti (0.8.8h+ds1-8ubuntu0.1) zesty; urgency=medium

  * debian/patches/enable_faster_polling_than_cron.patch: split() is
    deprecated in PHP 7, causing the code to fail.  Closes: #860271,
    LP: #1662027. Thanks to Paul Gevers <email address hidden>.

 -- Nishanth Aravamudan <email address hidden>  Fri, 14 Apr 2017 21:26:51 -0700
Obsolete in yakkety-proposed 
cacti (0.8.8h+ds1-5ubuntu0.1) yakkety; urgency=medium

  * debian/patches/enable_faster_polling_than_cron.patch: split() is
    deprecated in PHP 7, causing the code to fail.  Closes: #860271,
    LP: #1662027. Thanks to Paul Gevers <email address hidden>.

 -- Nishanth Aravamudan <email address hidden>  Fri, 14 Apr 2017 21:36:29 -0700
Deleted in xenial-proposed (Reason: The package was removed due to its SRU bug(s) not being v...) 
cacti (0.8.8f+ds1-4ubuntu4.16.04.3) xenial; urgency=medium

  * debian/patches/enable_faster_polling_than_cron.patch: split() is
    deprecated in PHP 7, causing the code to fail.  Closes: #860271,
    LP: #1662027. Thanks to Paul Gevers <email address hidden>.

 -- Nishanth Aravamudan <email address hidden>  Fri, 14 Apr 2017 21:40:34 -0700
Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release) 
cacti (0.8.8h+ds1-9) unstable; urgency=medium

  * Add enable_faster_polling_than_cron.patch to replace the use of the
    deprecated split() function (Closes: #860271)

 -- Paul Gevers <email address hidden>  Thu, 13 Apr 2017 22:05:30 +0200
Published in xenial-updates
Published in xenial-security 
cacti (0.8.8f+ds1-4ubuntu4.16.04.2) xenial-security; urgency=medium

  * Security update (backport patches from upstream)
    - CVE-2016-2313 - auth_login.php access restrictions could be bypassed
    - CVE-2016-3172 - SQL injection vulnerability in tree.php
    - CVE-2016-3659 - SQL injection vulnerability in graph_view.php

 -- Paul Gevers <email address hidden>  Sat, 11 Feb 2017 14:07:55 +0100
Published in trusty-updates
Published in trusty-security 
cacti (0.8.8b+dfsg-5ubuntu0.2) trusty-security; urgency=medium

  * Security update (backport patches from upstream)
    - CVE-2014-4000 - PHP Object Injection Vulnerabilities
    - CVE-2015-4634 - SQL injection vulnerability in graphs.php
    - CVE-2015-8369 - SQL injection vulnerability in
                      include/top_graph_header.php
    - CVE-2015-8377 - SQL injection vulnerability in host_new_graphs_save
    - CVE-2015-8604 - SQL injection vulnerability in host_new_graphs
    - CVE-2016-2313 - auth_login.php access restrictions could be bypassed
    - CVE-2016-3172 - SQL injection vulnerability in tree.php
    - CVE-2016-3659 - SQL injection vulnerability in graph_view.php

 -- Paul Gevers <email address hidden>  Sat, 11 Feb 2017 14:51:18 +0100
Superseded in artful-release
Obsolete in zesty-release
Deleted in zesty-proposed (Reason: moved to release) 
cacti (0.8.8h+ds1-8) unstable; urgency=medium

  * Depend on libjs-jquery-jstree instead of using embedded version
  * Replace use_debian_javascript_packages.patch with links to the Debian
    packages instead (more transparent)
  * Add fix_export_for_debian_packages.patch to avoid export failure

 -- Paul Gevers <email address hidden>  Wed, 14 Dec 2016 21:20:24 +0100

Available diffs

Superseded in zesty-release
Deleted in zesty-proposed (Reason: moved to release) 
cacti (0.8.8h+ds1-7) unstable; urgency=medium

  * Previous upload was screwed up. Doing it better this time I hope.

 -- Paul Gevers <email address hidden>  Sat, 10 Dec 2016 07:47:07 +0100
Superseded in zesty-proposed 
cacti (0.8.8h+ds1-6) unstable; urgency=medium

  * Fix links for path change in libjs-jquery-ui-theme-ui-lightness,
    hopefully bug #846515 will not get fixed

 -- Paul Gevers <email address hidden>  Wed, 07 Dec 2016 21:44:51 +0100
Superseded in zesty-release
Obsolete in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release) 
cacti (0.8.8h+ds1-5) unstable; urgency=medium

  [ Emilio Pozuelo Monfort ]
  * CVE-2016-2313-guest-auth.patch:
    + Fix regression in the fix for CVE-2016-2313 that broke guest user
      logins. Thanks to Matus Uhlar for the report. (Closes: #833420)

  [ Paul Gevers ]
  * Recommend default-mysql-server instead of MariaDB and MySQL

 -- Paul Gevers <email address hidden>  Mon, 05 Sep 2016 21:10:12 +0200

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release) 
cacti (0.8.8h+ds1-4) unstable; urgency=medium

  * Improve autopkgtest situation and avoid failure when it is not needed

 -- Paul Gevers <email address hidden>  Thu, 16 Jun 2016 22:11:20 +0200
Superseded in yakkety-proposed 
cacti (0.8.8h+ds1-3) unstable; urgency=medium

  * Save more log files during autopkgtesting
  * Add check on errors during testing (Closes: #825644)
  * Add javascript-common to Depends to ensure jquery is usable

 -- Paul Gevers <email address hidden>  Fri, 10 Jun 2016 20:20:04 +0200

Available diffs

Superseded in xenial-updates
Deleted in xenial-proposed (Reason: moved to -updates) 
cacti (0.8.8f+ds1-4ubuntu4.16.04.1) xenial; urgency=medium

  * Update make_cacti_sql_mode-strict_compatible.patch to also drop
    ONLY_FULL_GROUP_BY (LP: #1588813)

 -- Paul Gevers <email address hidden>  Fri, 03 Jun 2016 13:46:55 +0200
Superseded in yakkety-proposed 
cacti (0.8.8h+ds1-2) unstable; urgency=medium

  * Update make_cacti_sql_mode-strict_compatible.patch to also drop
    ONLY_FULL_GROUP_BY (Follow-up for LP: #1578144)
  * Lower versioned dependency on libphp-adodb to be Ubuntu compatible

 -- Paul Gevers <email address hidden>  Thu, 02 Jun 2016 22:06:59 +0200
Superseded in xenial-updates
Deleted in xenial-proposed (Reason: moved to -updates) 
cacti (0.8.8f+ds1-4ubuntu4.16.04) xenial; urgency=medium

  * Add make_cacti_sql_mode-strict_compatible.patch to enable cacti to
    work with the default settings of MySQL 5.7 (LP: #1578144)

 -- Paul Gevers <email address hidden>  Sat, 14 May 2016 21:00:40 +0200
Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release) 
cacti (0.8.8h+ds1-1ubuntu1) yakkety; urgency=medium

  * Lower versioned depends of libphp-adodb as Ubuntu fixed it earlier

 -- Paul Gevers <email address hidden>  Fri, 20 May 2016 09:54:29 +0200
Superseded in yakkety-proposed 
cacti (0.8.8h+ds1-1) unstable; urgency=medium

  * New upstream release
    - CVE-2016-3659 SQL Injection Vulnerability in graph_view.php (Closes:
      #820521)
  * Drop obsolete patches (applied upstream)
  * Update tests to depend on javascript-common
  * Don't test lighttpd for now
  * Drop jquery.js from the source (wasn't used anyways in Debian), so no
    need to document it in d/copyright
  * Add make_cacti_sql_mode-strict_compatible.patch to enable cacti to
    work with the default settings of MySQL 5.7 (LP: #1578144)

 -- Paul Gevers <email address hidden>  Sat, 14 May 2016 22:26:35 +0200
Superseded in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
cacti (0.8.8f+ds1-4ubuntu4) xenial; urgency=medium

  * debian/patches/11_1571432_mysqli.patch: Use mysqli extension not
    mysql with PHP7.0.  Closes LP: #1571432.

 -- Nishanth Aravamudan <email address hidden>  Mon, 18 Apr 2016 13:54:08 -0700
Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
cacti (0.8.8f+ds1-4ubuntu3) xenial; urgency=medium

  * Add run-time dependencies on php-xml, php-mbstring (LP: #1568136).

 -- Nishanth Aravamudan <email address hidden>  Fri, 08 Apr 2016 13:42:06 -0700
Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
cacti (0.8.8f+ds1-4ubuntu2) xenial; urgency=medium

  * Default to mysqli driver for database connection, as the mysql
    driver has been removed in PHP7.0 (LP: #1544352).

 -- Nishanth Aravamudan <email address hidden>  Wed, 23 Mar 2016 10:42:04 -0700
Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
cacti (0.8.8f+ds1-4ubuntu1) xenial; urgency=medium

  * Update to PHP7.0 dependencies (LP: #1544352).
  * Update DEBIAN.Readme phpN references.

 -- Nishanth Aravamudan <email address hidden>  Fri, 12 Feb 2016 08:50:29 -0800
Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
cacti (0.8.8f+ds1-4) unstable; urgency=medium

  * CVE-2015-8377: Fix SQL Injection vulnerability in graphs_new.php
  * CVE-2015-8604: Fix SQL Injection vulnerability in graphs_new.php
  * Depend on dbconfig-mysql or dbconfig-no-thanks instead of
    dbconfig-common and mysql-client
  * Bump compat level to 9
  * Drop useless CFLAGS declaration in d/rules
  * Drop cacti.sql_drop_tables_to_begin.patch as dbconfig-common now does
    that.
  * Add dependency on libjs-jquery now that version is high enough and
    update use_debian_javascript_packages.patch to use it.

 -- Paul Gevers <email address hidden>  Sat, 09 Jan 2016 13:16:04 +0100

Available diffs

Obsolete in vivid-updates
Obsolete in vivid-security 
cacti (0.8.8b+dfsg-8+deb8u3build0.15.04.1) vivid-security; urgency=medium

  * fake sync from Debian
Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
cacti (0.8.8f+ds1-3) unstable; urgency=high

  * Add upstream patch to fix
    - CVE-2015-8369 SQL Injection vulnerability in graph.php

 -- Paul Gevers <email address hidden>  Sat, 12 Dec 2015 14:03:40 +0100

Available diffs

175 of 150 results FirstPreviousLast