-
cacti (0.8.8f+ds1-4ubuntu4.16.04.3) xenial; urgency=medium
* debian/patches/enable_faster_polling_than_cron.patch: split() is
deprecated in PHP 7, causing the code to fail. Closes: #860271,
LP: #1662027. Thanks to Paul Gevers <email address hidden>.
-- Nishanth Aravamudan <email address hidden> Fri, 14 Apr 2017 21:40:34 -0700
-
cacti (0.8.8f+ds1-4ubuntu4.16.04.2) xenial-security; urgency=medium
* Security update (backport patches from upstream)
- CVE-2016-2313 - auth_login.php access restrictions could be bypassed
- CVE-2016-3172 - SQL injection vulnerability in tree.php
- CVE-2016-3659 - SQL injection vulnerability in graph_view.php
-- Paul Gevers <email address hidden> Sat, 11 Feb 2017 14:07:55 +0100
-
cacti (0.8.8f+ds1-4ubuntu4.16.04.1) xenial; urgency=medium
* Update make_cacti_sql_mode-strict_compatible.patch to also drop
ONLY_FULL_GROUP_BY (LP: #1588813)
-- Paul Gevers <email address hidden> Fri, 03 Jun 2016 13:46:55 +0200
-
cacti (0.8.8f+ds1-4ubuntu4.16.04) xenial; urgency=medium
* Add make_cacti_sql_mode-strict_compatible.patch to enable cacti to
work with the default settings of MySQL 5.7 (LP: #1578144)
-- Paul Gevers <email address hidden> Sat, 14 May 2016 21:00:40 +0200
-
cacti (0.8.8f+ds1-4ubuntu4) xenial; urgency=medium
* debian/patches/11_1571432_mysqli.patch: Use mysqli extension not
mysql with PHP7.0. Closes LP: #1571432.
-- Nishanth Aravamudan <email address hidden> Mon, 18 Apr 2016 13:54:08 -0700
-
cacti (0.8.8f+ds1-4ubuntu3) xenial; urgency=medium
* Add run-time dependencies on php-xml, php-mbstring (LP: #1568136).
-- Nishanth Aravamudan <email address hidden> Fri, 08 Apr 2016 13:42:06 -0700
-
cacti (0.8.8f+ds1-4ubuntu2) xenial; urgency=medium
* Default to mysqli driver for database connection, as the mysql
driver has been removed in PHP7.0 (LP: #1544352).
-- Nishanth Aravamudan <email address hidden> Wed, 23 Mar 2016 10:42:04 -0700
-
cacti (0.8.8f+ds1-4ubuntu1) xenial; urgency=medium
* Update to PHP7.0 dependencies (LP: #1544352).
* Update DEBIAN.Readme phpN references.
-- Nishanth Aravamudan <email address hidden> Fri, 12 Feb 2016 08:50:29 -0800
-
cacti (0.8.8f+ds1-4) unstable; urgency=medium
* CVE-2015-8377: Fix SQL Injection vulnerability in graphs_new.php
* CVE-2015-8604: Fix SQL Injection vulnerability in graphs_new.php
* Depend on dbconfig-mysql or dbconfig-no-thanks instead of
dbconfig-common and mysql-client
* Bump compat level to 9
* Drop useless CFLAGS declaration in d/rules
* Drop cacti.sql_drop_tables_to_begin.patch as dbconfig-common now does
that.
* Add dependency on libjs-jquery now that version is high enough and
update use_debian_javascript_packages.patch to use it.
-- Paul Gevers <email address hidden> Sat, 09 Jan 2016 13:16:04 +0100
-
cacti (0.8.8f+ds1-3) unstable; urgency=high
* Add upstream patch to fix
- CVE-2015-8369 SQL Injection vulnerability in graph.php
-- Paul Gevers <email address hidden> Sat, 12 Dec 2015 14:03:40 +0100
-
cacti (0.8.8f+ds1-2) unstable; urgency=medium
* Update loadavg_multi_locale_friendly.patch (Closes: #793401)
* Add missing manual.css (Closes: #783416)
* Fix d/rules override_dh_*configure target (Wasn't ever run,
althought that wasn't too bad until now)
-- Paul Gevers <email address hidden> Mon, 03 Aug 2015 19:58:53 +0200