cacti 0.8.8b+dfsg-8+deb8u1build0.15.04.1 source package in Ubuntu

Changelog

cacti (0.8.8b+dfsg-8+deb8u1build0.15.04.1) vivid-security; urgency=medium

  * fake sync from Debian (LP: #1210822)

cacti (0.8.8b+dfsg-8+deb8u1) jessie-security; urgency=high

  * Security update
    - CVE-2015-2665 Cross-site scripting (XSS) vulnerability in Cacti
      before 0.8.8d allows remote attackers to inject arbitrary web script
      or HTML via unspecified vectors.
    - CVE-2015-4342 SQL Injection and Location header injection from cdef
      id
    - CVE-2015-4454 SQL injection vulnerability in the
      get_hash_graph_template function in lib/functions.php in Cacti before
      0.8.8d allows remote attackers to execute arbitrary SQL commands via
      the graph_template_id parameter to graph_templates.php.
    - Unassigned CVE SQL injection VN:JVN#78187936 / TN:JPCERT#98968540

 -- Steve Beattie <email address hidden>  Tue, 30 Jun 2015 11:47:36 -0700