forked from pool/cacti
Joel Baltazor
634252aced
- security - GHSA-c5j8-jxj3-hh36 - Authenticated RCE via multi-line SNMP responses
- security - GHSA-f9c7-7rc3-574c - SQL Injection vulnerability when using tree rules through Automation API
- security - GHSA-fh3x-69rr-qqpp - SQL Injection vulnerability when request automation devices
- security - GHSA-fxrq-fr7h-9rqq - Arbitrary File Creation leading to RCE
- security - GHSA-pv2c-97pp-vxwg - Local File Inclusion (LFI) Vulnerability via Poller Standard Error Log Path
- security - GHSA-vj9g-P7F2-4wqj - SQL Injection vulnerability when view host template
- issue - 5843 - Temporary table names may incorrectly think they have a schema
- issue - 5847 - When using Preset Time to view graphs, it is using a fixed point rather than relative time
- issue - 5848 - Fix issue where RRA files are not automatically removed
- issue - 5856 - Fix invalid help link for Automation Networks
- issue - 5867 - Unable to disable a tree within the GUI
- issue - 5868 - When removing graphs, RRA files may be left behind
- issue - 5869 - Improve compatibility with ping under FreeBSD
- issue - 5870 - Improve compatibility wtih Slice RRD tool under PHP 8.x
- issue - 5874 - Allow IPv6 formats to use colons without port
- issue - 5884 - Update Fortigate, Aruba OSCX and Clearpass templates
- issue - 5927 - When a plugin is disabled, unable to use GUI to enable it again
- issue - 5932 - When upgrading, ensure that replication only runs as necessary
- issue - 5961 - Improve caching and syncing issues with replication
- issue - 5963 - Improve caching techniques for database calls
- issue - 5986 - Improve compatibility for Error constants under PHP 8.4
- issue - 5987 - When running the upgrade database script, cursor is left in the middle of the row
- issue - 6065 - Guest page does not automatically refresh
- issue - 6078 - When installing, conversion of tables may produce collation errors
- feature - 5921 - Add HPE Nimble/Alletra template
- feature - 5933 - When installing, only convert core cacti tables
- Updated patch for config.php for new name config.php.dist
- Add /srv/www directories to filelist [bsc#1231027]
- fix for cacti-cron.timer & cacti-cron.service failing after upgrade has already removed
- replace cacti-cron.timer & cacti-cron.service with cactid.service
to fix thold & other "sub poller" poller processes not running.
- cacti 1.2.28:
security #GHSA-49f2-hwx9-qffr: XSS vulnerability when creating external links with the consolenewsection parameter
security #GHSA-fgc6-g8gc-wcg5: XSS vulnerability when creating external links with the title parameter
security #GHSA-gxq4-mv8h-6qj4: RCE vulnerability can be executed via Log Poisoning
security #GHSA-wh9c-v56x-v77c: XSS vulnerability when creating external links with the fileurl parameter
issue #5636: When using LDAP authentication the first time, warnings may appear in logs
issue #5754: When installing, a replication loop for plugin_realms may occur
issue #5759: When installing, remote poller may attempt to sync with other pollers
issue #5768: When a Data Query has a space, indexes may not be properly escaped
issue #5771: Boost does not always order data source records properly
issue #5772: Add IP address to the login audit for successful logins by xmacan
issue #5773: Undefined variable error may sometimes occur when dealing with RRD output by MSS970
issue #5777: When export to CSV, only the first line of notes is included
issue #5780: When rendering forms, missing default value can cause errors
issue #5782: Allow hosted content to be executable for the links page
issue #5783: When closing database connections, some may linger incorrectly
issue #5785: When changing passwords, an infinite loop may occur by ddb4github
issue #5790: When using Cacti Daemon, a "Cron out of sync" message may be reported
issue #5791: Add ability to filter/sort users by group or last login time
issue #5792: When using List View, unable to add Graphs to a Report
issue #5797: When using SNMPv3, some devices may show polling issues
issue #5802: Limit table conversion to Cacti core tables
issue #5806: Fix issues with posix-based kills on Windows
issue #5813: When installing, password changes may fail on new installations
issue #5814: When using structured RRD folders, permission issues may be flagged incorrectly
issue #5823: When unable to locate a valid theme, new default will be Modern
issue #5824: Properly cache the data source information for dsstats processing
issue #5840: When reindexing, verify all fields may not work as intended
feature #5784: Add ability to log database connections/disconnections
feature #5796: Add Ping Method where connection refused assumes host is up
feature #5819: When displaying graphs, default end time does not show full 24 hour period
feature #5825: Add --id to remove_device.php
feature #5828: Add Location and Site to Graph List View
feature #5830: Add more verbose logging to Boost
feature: Update jQuery to 3.7.1
feature: Update jQueryUI to 1.14.0
feature: Update Purify.js to 3.1.6
feature: Update billboard.js to 3.13.0
feature: Improve the performance of the repopulation of the poller cache
- attempt to set permissions on several sub folders
to fix https://build.opensuse.org/package/show/openSUSE:Factory/cacti#comment-1466121
- Recent builds are being placed in /usr/share instead of existing /srv/www/cacti. This is an attempt to fix.
OBS-URL: https://build.opensuse.org/package/show/server:monitoring/cacti?expand=0&rev=184
18 lines
484 B
Diff
18 lines
484 B
Diff
--- cacti-1.2.28/service/cactid.service.org 2024-10-06 17:38:13.000000000 -0500
|
|
+++ cacti-1.2.28/service/cactid.service 2024-10-09 14:37:35.163614889 -0500
|
|
@@ -25,10 +25,10 @@ After=network.target
|
|
|
|
[Service]
|
|
Type=forking
|
|
-User=apache
|
|
-Group=apache
|
|
-EnvironmentFile=/etc/sysconfig/cactid
|
|
-ExecStart=/var/www/html/cacti/cactid.php
|
|
+User=__APACHEUSER__
|
|
+Group=__APACHEGROUP__
|
|
+#EnvironmentFile=/etc/sysconfig/cactid
|
|
+ExecStart=__CACTIDIR__/cactid.php
|
|
Restart=always
|
|
RestartSec=5s
|
|
|