[packages/cacti] official security.patch. fixes CVE-2014-2326, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709
glen
glen at pld-linux.org
Thu Jul 3 14:04:58 CEST 2014
commit 4a9821cfca475143934a0f779e5dfbf9c17c622c
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Thu Jul 3 15:04:08 2014 +0300
official security.patch. fixes CVE-2014-2326, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709
CVE-2014-2326 Unspecified HTML Injection Vulnerability
CVE-2014-2328 Unspecified Remote Command Execution Vulnerability
CVE-2014-2708 Unspecified SQL Injection Vulnerability
CVE-2014-2709 Unspecified Remote Command Execution Vulnerability
cacti.spec | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
---
diff --git a/cacti.spec b/cacti.spec
index a630656..db26917 100644
--- a/cacti.spec
+++ b/cacti.spec
@@ -5,7 +5,7 @@ Summary: Cacti is a PHP frontend for rrdtool
Summary(pl.UTF-8): Cacti - frontend w PHP do rrdtoola
Name: cacti
Version: 0.8.8b
-Release: 4
+Release: 5
License: GPL v2
Group: Applications/WWW
Source0: http://www.cacti.net/downloads/%{name}-%{version}.tar.gz
@@ -26,8 +26,8 @@ Patch7: %{name}-ss_disk-array-indices.patch
Patch8: host_name-url.patch
Patch9: rra-comments.patch
# http://www.cacti.net/download_patches.php
-#Patch100: -
-## Patch100-md5: -
+Patch100: http://www.cacti.net/downloads/patches/%{version}/security.patch
+# Patch100-md5: bd18f265cca1f9713f88296f0be1ef56
URL: http://www.cacti.net/
BuildRequires: sed >= 4.0
Requires(postun): /usr/sbin/userdel
@@ -127,8 +127,11 @@ Dokumentacja do Cacti w formacie HTML.
%prep
%setup -q
+
# official patches
-#patch100 -p1
+%if 0%{?PATCH100:1}
+%patch100 -p1
+%endif
%patch0 -p1
%patch1 -p1
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/cacti.git/commitdiff/4a9821cfca475143934a0f779e5dfbf9c17c622c
More information about the pld-cvs-commit
mailing list