head 1.2; access; symbols pkgsrc-2014Q4:1.1.0.10 pkgsrc-2014Q4-base:1.1 pkgsrc-2014Q3:1.1.0.8 pkgsrc-2014Q3-base:1.1 pkgsrc-2014Q2:1.1.0.6 pkgsrc-2014Q2-base:1.1 pkgsrc-2014Q1:1.1.0.4 pkgsrc-2014Q1-base:1.1 pkgsrc-2013Q4:1.1.0.2; locks; strict; comment @# @; 1.2 date 2015.03.11.13.56.46; author adam; state dead; branches; next 1.1; commitid UT8JLqtBS2ja6cdy; 1.1 date 2014.01.08.20.51.28; author tron; state Exp; branches 1.1.2.1; next ; commitid Jj6blLLN2EZt7mkx; 1.1.2.1 date 2014.01.08.20.51.28; author spz; state dead; branches; next 1.1.2.2; commitid E1nKepqJvADzSukx; 1.1.2.2 date 2014.01.09.23.14.33; author spz; state Exp; branches; next ; commitid E1nKepqJvADzSukx; desc @@ 1.2 log @Changes 0.8.8c: Important Security Fixes CVE-2013-5588 - XSS issue via installer or device editing CVE-2013-5589 - SQL injection vulnerability in device editing CVE-2014-2326 - XSS issue via CDEF editing CVE-2014-2327 - Cross-site request forgery (CSRF) vulnerability CVE-2014-2328 - Remote Command Execution Vulnerability in graph export CVE-2014-4002 - XSS issues in multiple files CVE-2014-5025 - XSS issue via data source editing CVE-2014-5026 - XSS issues in multiple files Important Updates New graph tree view Updated graph list and graph preview Refactor graph tree view to remove GPL incompatible code Updated command line database upgrade utility Graph zooming now from everywhere @ text @$NetBSD: patch-host.php,v 1.1 2014/01/08 20:51:28 tron Exp $ Fix vulnerability reported in SA54531. 
Patch taken from here: http://svn.cacti.net/viewvc?view=rev&revision=7420 --- host.php.orig 2013-08-07 03:31:19.000000000 +0100 +++ host.php 2014-01-08 20:26:33.000000000 +0000 @@@@ -149,6 +149,9 @@@@ if ($_POST["snmp_version"] == 3 && ($_POST["snmp_password"] != $_POST["snmp_password_confirm"])) { raise_message(4); }else{ + input_validate_input_number(get_request_var_post("id")); + input_validate_input_number(get_request_var_post("host_template_id")); + $host_id = api_device_save($_POST["id"], $_POST["host_template_id"], $_POST["description"], trim($_POST["hostname"]), $_POST["snmp_community"], $_POST["snmp_version"], $_POST["snmp_username"], $_POST["snmp_password"], @ 1.1 log @Update the "cacti" package to version 0.8.8b. Changes since 0.8.8a: - bug: Fixed issue with custom data source information being lost when saved from edit - bug: Repopulate the poller cache on new installations - bug: Fix issue with poller not escaping the script query path correctly - bug: Allow snmpv3 priv proto none - bug: Fix issue where host activate may flush the entire poller item cache -security: SQL injection and shell escaping issues Also add the fix for the security vulnerability reported in SA54531 taken from the SVN repository. 
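Review bot: Only `id` and `host_template_id` are checked before the call; every other `$_POST` field handed to api_device_save() in the context lines (description, hostname, snmp_community, snmp_version, snmp_username, snmp_password, and the rest of the argument list) still goes in unchecked, so the SA54531 fix depends on escaping inside api_device_save(), which this hunk does not show — the 1.1.2.2 pullup log lists a companion patch-lib_api_device.php, and the two patches should land together. input_validate_input_number() presumably aborts the request on a non-numeric value rather than returning a sanitized one (confirm in the helper's definition), so the two added lines are guards, not sanitizers; a comment such as `/* ids are interpolated into SQL downstream: abort on non-numeric input (SA54531) */` above them would make that intent clear to the next maintainer. The guards read the values through get_request_var_post() while the call itself still uses `$_POST["id"]` and `$_POST["host_template_id"]`; these are presumably the same values, but reading them through one accessor consistently would avoid a future divergence between what is validated and what is used. The enclosing if/else and the api_device_save() argument list continue past the end of the hunk. The identical hunk appears again in the 1.1.2.2 revision text below and the same points apply there.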
@ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-host.php was added on branch pkgsrc-2013Q4 on 2014-01-09 23:14:33 +0000 @ text @d1 18 @ 1.1.2.2 log @Pullup ticket #4290 - requested by tron net/cacti: security update Revisions pulled up: - net/cacti/Makefile 1.21 - net/cacti/PLIST 1.4 - net/cacti/distinfo 1.4 - net/cacti/patches/patch-host.php 1.1 - net/cacti/patches/patch-install_index.php 1.2 - net/cacti/patches/patch-lib_api_device.php 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Wed Jan 8 20:51:28 UTC 2014 Modified Files: pkgsrc/net/cacti: Makefile PLIST distinfo pkgsrc/net/cacti/patches: patch-install_index.php Added Files: pkgsrc/net/cacti/patches: patch-host.php patch-lib_api_device.php Log Message: Update the "cacti" package to version 0.8.8b. Changes since 0.8.8a: - bug: Fixed issue with custom data source information being lost when saved from edit - bug: Repopulate the poller cache on new installations - bug: Fix issue with poller not escaping the script query path correctly - bug: Allow snmpv3 priv proto none - bug: Fix issue where host activate may flush the entire poller item cache -security: SQL injection and shell escaping issues Also add the fix for the security vulnerability reported in SA54531 taken from the SVN repository. To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 pkgsrc/net/cacti/Makefile cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/cacti/PLIST pkgsrc/net/cacti/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/net/cacti/patches/patch-host.php \ pkgsrc/net/cacti/patches/patch-lib_api_device.php cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/net/cacti/patches/patch-install_index.php @ text @a0 18 $NetBSD$ Fix vulnerability reported in SA54531. 
Patch taken from here: http://svn.cacti.net/viewvc?view=rev&revision=7420 --- host.php.orig 2013-08-07 03:31:19.000000000 +0100 +++ host.php 2014-01-08 20:26:33.000000000 +0000 @@@@ -149,6 +149,9 @@@@ if ($_POST["snmp_version"] == 3 && ($_POST["snmp_password"] != $_POST["snmp_password_confirm"])) { raise_message(4); }else{ + input_validate_input_number(get_request_var_post("id")); + input_validate_input_number(get_request_var_post("host_template_id")); + $host_id = api_device_save($_POST["id"], $_POST["host_template_id"], $_POST["description"], trim($_POST["hostname"]), $_POST["snmp_community"], $_POST["snmp_version"], $_POST["snmp_username"], $_POST["snmp_password"], @