monitoring/cacti
SHA256
1
0
Fork 0
forked from pool/cacti
Code Pull Requests Activity
Files
main
cacti/cactid_service.patch

18 lines
484 B
Diff
Raw Permalink Normal View History

- cacti 1.2.29 - security - GHSA-c5j8-jxj3-hh36 - Authenticated RCE via multi-line SNMP responses - security - GHSA-f9c7-7rc3-574c - SQL Injection vulnerability when using tree rules through Automation API - security - GHSA-fh3x-69rr-qqpp - SQL Injection vulnerability when request automation devices - security - GHSA-fxrq-fr7h-9rqq - Arbitrary File Creation leading to RCE - security - GHSA-pv2c-97pp-vxwg - Local File Inclusion (LFI) Vulnerability via Poller Standard Error Log Path - security - GHSA-vj9g-P7F2-4wqj - SQL Injection vulnerability when view host template - issue - 5843 - Temporary table names may incorrectly think they have a schema - issue - 5847 - When using Preset Time to view graphs, it is using a fixed point rather than relative time - issue - 5848 - Fix issue where RRA files are not automatically removed - issue - 5856 - Fix invalid help link for Automation Networks - issue - 5867 - Unable to disable a tree within the GUI - issue - 5868 - When removing graphs, RRA files may be left behind - issue - 5869 - Improve compatibility with ping under FreeBSD - issue - 5870 - Improve compatibility wtih Slice RRD tool under PHP 8.x - issue - 5874 - Allow IPv6 formats to use colons without port - issue - 5884 - Update Fortigate, Aruba OSCX and Clearpass templates - issue - 5927 - When a plugin is disabled, unable to use GUI to enable it again - issue - 5932 - When upgrading, ensure that replication only runs as necessary - issue - 5961 - Improve caching and syncing issues with replication - issue - 5963 - Improve caching techniques for database calls - issue - 5986 - Improve compatibility for Error constants under PHP 8.4 - issue - 5987 - When running the upgrade database script, cursor is left in the middle of the row - issue - 6065 - Guest page does not automatically refresh - issue - 6078 - When installing, conversion of tables may produce collation errors - feature - 5921 - Add HPE Nimble/Alletra template - feature - 5933 - When installing, only convert core cacti tables - Updated patch for config.php for new name config.php.dist - Add /srv/www directories to filelist [bsc#1231027] - fix for cacti-cron.timer & cacti-cron.service failing after upgrade has already removed - replace cacti-cron.timer & cacti-cron.service with cactid.service to fix thold & other "sub poller" poller processes not running. - cacti 1.2.28: security #GHSA-49f2-hwx9-qffr: XSS vulnerability when creating external links with the consolenewsection parameter security #GHSA-fgc6-g8gc-wcg5: XSS vulnerability when creating external links with the title parameter security #GHSA-gxq4-mv8h-6qj4: RCE vulnerability can be executed via Log Poisoning security #GHSA-wh9c-v56x-v77c: XSS vulnerability when creating external links with the fileurl parameter issue #5636: When using LDAP authentication the first time, warnings may appear in logs issue #5754: When installing, a replication loop for plugin_realms may occur issue #5759: When installing, remote poller may attempt to sync with other pollers issue #5768: When a Data Query has a space, indexes may not be properly escaped issue #5771: Boost does not always order data source records properly issue #5772: Add IP address to the login audit for successful logins by xmacan issue #5773: Undefined variable error may sometimes occur when dealing with RRD output by MSS970 issue #5777: When export to CSV, only the first line of notes is included issue #5780: When rendering forms, missing default value can cause errors issue #5782: Allow hosted content to be executable for the links page issue #5783: When closing database connections, some may linger incorrectly issue #5785: When changing passwords, an infinite loop may occur by ddb4github issue #5790: When using Cacti Daemon, a "Cron out of sync" message may be reported issue #5791: Add ability to filter/sort users by group or last login time issue #5792: When using List View, unable to add Graphs to a Report issue #5797: When using SNMPv3, some devices may show polling issues issue #5802: Limit table conversion to Cacti core tables issue #5806: Fix issues with posix-based kills on Windows issue #5813: When installing, password changes may fail on new installations issue #5814: When using structured RRD folders, permission issues may be flagged incorrectly issue #5823: When unable to locate a valid theme, new default will be Modern issue #5824: Properly cache the data source information for dsstats processing issue #5840: When reindexing, verify all fields may not work as intended feature #5784: Add ability to log database connections/disconnections feature #5796: Add Ping Method where connection refused assumes host is up feature #5819: When displaying graphs, default end time does not show full 24 hour period feature #5825: Add --id to remove_device.php feature #5828: Add Location and Site to Graph List View feature #5830: Add more verbose logging to Boost feature: Update jQuery to 3.7.1 feature: Update jQueryUI to 1.14.0 feature: Update Purify.js to 3.1.6 feature: Update billboard.js to 3.13.0 feature: Improve the performance of the repopulation of the poller cache - attempt to set permissions on several sub folders to fix https://build.opensuse.org/package/show/openSUSE:Factory/cacti#comment-1466121 - Recent builds are being placed in /usr/share instead of existing /srv/www/cacti. This is an attempt to fix. OBS-URL: https://build.opensuse.org/package/show/server:monitoring/cacti?expand=0&rev=184
2025-03-07 14:14:43 +00:00
--- cacti-1.2.28/service/cactid.service.org 2024-10-06 17:38:13.000000000 -0500
+++ cacti-1.2.28/service/cactid.service 2024-10-09 14:37:35.163614889 -0500
@@ -25,10 +25,10 @@ After=network.target
[Service]
Type=forking
-User=apache
-Group=apache
-EnvironmentFile=/etc/sysconfig/cactid
-ExecStart=/var/www/html/cacti/cactid.php
+User=__APACHEUSER__
+Group=__APACHEGROUP__
+#EnvironmentFile=/etc/sysconfig/cactid
+ExecStart=__CACTIDIR__/cactid.php
Restart=always
RestartSec=5s
Copy Permalink