packages: cacti/cacti.spec, cacti/sql_injection_template_export.patch (NEW)...

pawelz pawelz at pld-linux.org
Fri May 7 13:38:21 CEST 2010


Author: pawelz                       Date: Fri May  7 11:38:21 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- added sql_injection_template_export.patch. Resolves: CVE-2010-1431
- rel 11

---- Files affected:
packages/cacti:
   cacti.spec (1.122 -> 1.123) , sql_injection_template_export.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/cacti/cacti.spec
diff -u packages/cacti/cacti.spec:1.122 packages/cacti/cacti.spec:1.123
--- packages/cacti/cacti.spec:1.122	Wed Apr 14 23:49:06 2010
+++ packages/cacti/cacti.spec	Fri May  7 13:38:15 2010
@@ -4,7 +4,7 @@
 Summary(pl.UTF-8):	Cacti - frontend w PHP do rrdtoola
 Name:		cacti
 Version:	0.8.7e
-Release:	10
+Release:	11
 License:	GPL
 Group:		Applications/WWW
 Source0:	http://www.cacti.net/downloads/%{name}-%{version}.tar.gz
@@ -20,6 +20,7 @@
 Patch102:	http://www.cacti.net/downloads/patches/0.8.7e/template_duplication.patch
 Patch103:	http://www.cacti.net/downloads/patches/0.8.7e/fix_icmp_on_windows_iis_servers.patch
 Patch104:	http://www.cacti.net/downloads/patches/0.8.7e/cross_site_fix.patch
+Patch105:	http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch
 # http://cactiusers.org/wiki/PluginArchitectureInstall
 # http://mirror.cactiusers.org/downloads/plugins/cacti-plugin-0.8.7e-PA-v2.6.zip
 Patch0:		%{name}-PA.patch
@@ -124,6 +125,7 @@
 %patch102 -p1
 %patch103 -p1
 %patch104 -p1
+%patch105 -p1
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
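Review bot: the strip level on the new `%patch105 -p1` line matches the `cacti-0.8.7e/` and `cacti-fixed/` prefixes in the stored patch header, so it will apply from the unpacked source directory; the only point to double-check is ordering, since `%patch105` is applied before `%patch0` (the plugin-architecture patch) and, if that patch also touches templates_export.php around form_save(), the build should be watched for fuzz or offset warnings on this file.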
@@ -274,6 +276,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.123  2010/05/07 11:38:15  pawelz
+- added sql_injection_template_export.patch. Resolves: CVE-2010-1431
+- rel 11
+
 Revision 1.122  2010/04/14 21:49:06  glen
 - worked fine for years without gd ext; rel 10
 

================================================================
Index: packages/cacti/sql_injection_template_export.patch
diff -u /dev/null packages/cacti/sql_injection_template_export.patch:1.1
--- /dev/null	Fri May  7 13:38:21 2010
+++ packages/cacti/sql_injection_template_export.patch	Fri May  7 13:38:15 2010
@@ -0,0 +1,13 @@
+--- cacti-0.8.7e/templates_export.php	2009-06-28 12:07:11.000000000 -0400
++++ cacti-fixed/templates_export.php	2010-04-17 14:08:42.000000000 -0400
+@@ -49,6 +49,10 @@
+ function form_save() {
+ 	global $export_types;
+ 
++    /* ================= input validation ================= */
++    input_validate_input_number(get_request_var_post("export_item_id"));
++    /* ==================================================== */
++
+ 	if (isset($_POST["save_component_export"])) {
+ 		$xml_data = get_item_xml($_POST["export_type"], $_POST["export_item_id"], (((isset($_POST["include_deps"]) ? $_POST["include_deps"] : "") == "") ? false : true));
+ 
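Review bot: the inserted check validates only `export_item_id` (assuming `input_validate_input_number()` aborts on a non-numeric value, as its name suggests), while `$_POST["export_type"]` on the next line is still handed straight to `get_item_xml()`; since `$export_types` is already declared `global` in form_save(), it would be cheap to also reject any export_type that is not a key of that array, e.g. `if (!isset($export_types[$_POST["export_type"]])) { exit; }`, before the call. Style point: the four added lines are indented with spaces while the surrounding body uses tabs; a single tab keeps the file consistent.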
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/cacti/cacti.spec?r1=1.122&r2=1.123&f=u


