ELBA-2025-33686

ULN >
Oracle Linux Errata repository >
ELBA-2025-33686

ELBA-2025-33686 - cacti Bug Fix update

Type:	BUG
Impact:	NA
Release Date:	2025-04-23

Description

[1.2.30-1]
- Update to version 1.2.30

[1.2.27-1]
- Update to version 1.2.27
- CVE-2024-25641, CVE-2024-29894, CVE-2024-31443, CVE-2024-31444, CVE-2024-31445, CVE-2024-31458, CVE-2024-31459, CVE-2024-31460, CVE-2024-34340

[1.2.26-1]
- Update to version 1.2.26
- CVE-2023-49084, CVE-2023-49085, CVE-2023-49086, CVE-2023-49088, CVE-2023-50250, CVE-2023-51448

[1.2.25-1]
- Update to version 1.2.25

[1.2.23-1]
- Update to 1.2.23

[1.2.22-1]
- Update to 1.2.22

[1.2.21-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

[1.2.21-1]
- Update to 1.2.21

[1.2.20-1]
- Update to 1.2.20

[1.2.19-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

[1.2.19-1]
- Update to 1.2.19

[1.2.17-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

[1.2.17-1]
- Update to 1.2.17

[1.2.16-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[1.2.16-1]
- Update to 1.2.16

[1.2.15-1]
- Update to 1.2.15

[1.2.14-1]
- Update to 1.2.14

[1.2.13-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

[1.2.13-1]
- Update to 1.2.13
- CVE-2020-11022, CVE-2020-11023, CVE-2020-13625, CVE-2020-14295

[1.2.12-1]
- Update to 1.2.12

[1.2.11-1]
- Update to 1.2.11

[1.2.10-1]
- Update to 1.2.10
- CVE-2020-8813

[1.2.9-1]
- Update to 1.2.9
- CVE-2020-7106, CVE-2020-7237

[1.2.8-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

[1.2.8-1]
- Update to 1.2.8
- CVE-2019-17357, CVE-2019-17358, CVE-2019-16723

[1.2.7-1]
- Update to 1.2.7

[1.2.6-1]
- Update to 1.2.6

[1.2.5-4]
- Don't require php-imap

[1.2.5-3]
- Require mariadb instead of mysql

[1.2.5-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

[1.2.5-1]
- Update to 1.2.5

[1.2.4-1]
- Update to 1.2.4

[1.2.3-1]
- Update to 1.2.3

[1.2.2-1]
- Update to 1.2.2
- SELinux improvements
- Packaging improvements

[1.2.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

[1.2.1-1]
- Update to 1.2.1

[1.2.0-2]
- Spec file improvements
- Updated PHP libs/extensions

[1.2.0-1]
- Update to 1.2.0
- Provide nginx support

[1.1.38-4]
- Spec file improvements
- Updated logrotation settings
- Removed cacti user
- Changed rra file ownership to apache #1454755

[1.1.38-3]
- Fix for https://github.com/Cacti/cacti/issues/1634

[1.1.38-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

[1.1.38-1]
- Update to 1.1.38

[1.1.37-1]
- Update to 1.1.37

[1.1.36-1]
- Update to 1.1.36

[1.1.35-1]
- Update to 1.1.35

[1.1.34-1]
- Update to 1.1.34

[1.1.33-1]
- Update to 1.1.33

[1.1.28-1]
- Update to 1.1.28
- CVE-2017-16641, CVE-2017-16660, CVE-2017-16661, CVE-2017-16785

[1.1.27-1]
- Update to 1.1.27

[1.1.26-1]
- Update to 1.1.26
- CVE-2017-15194

[1.1.24-1]
- Update to 1.1.24

[1.1.21-1]
- Update to 1.1.21

[1.1.19-1]
- Update to 1.1.19

[1.1.17-1]
- Update to 1.1.17

[1.1.16-1]
- Update to 1.1.16

[1.1.15-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

[1.1.15-1]
- Update to 1.1.15

[1.1.14-1]
- Update to 1.1.14

[1.1.13-1]
- Update to 1.1.13

[1.1.12-2]
- Fix Cross-site Scripting (XSS) issue with link.php

[1.1.12-1]
- Update to 1.1.12

[1.1.11-1]
- Update to 1.1.11

[1.1.10-1]
- Update to 1.1.10

[1.1.7-1]
- Update to 1.1.7

[1.1.6-2]
- Fix PHP requirements
- Cacti db access not compatible with PHP 7 (#1450578)

[1.1.6-1]
- Update to 1.1.6

[1.1.5-1]
- Update to 1.1.5

[1.1.4-1]
- Update to 1.1.4

[1.1.3-1]
- Update to 1.1.3

[1.1.2-2]
- Work with several MySQL variants (#1440755)

[1.1.2-1]
- Update to 1.1.2

[1.1.1-1]
- Update to 1.1.1

[1.1.0-1]
- Update to 1.1.0

[1.0.6-1]
- Update to 1.0.6

[1.0.5-1]
- Update to 1.0.5
- Logfile improvements
- Added php-gd and php-process as dependency (#1430893)

[1.0.4-1]
- Update to 1.0.4

[1.0.3-2]
- Cacti 1.0.x spec file improvements

[1.0.3-1]
- Update to 1.0.3

[1.0.2-1]
- Update to 1.0.2

[0.8.8h-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

[0.8.8h-3]
- Fixes for PHP7 backported from Arch Linux (#1390770)

[0.8.8h-2]
- php7 Requires fix.

[0.8.8h-1]
- Update to 0.8.8h
- CVE-2016-3659

[0.8.8g-1]
- Update to 0.8.8g
- Improve spec file (#1302904)

[0.8.8f-2]
- CVE-2015-8369: SQL Injection vulnerability in graph.php
- CVE-2015-8377: Fix SQL Injection vulnerability in graphs_new.php
- CVE-2015-8604: Fix SQL Injection vulnerability in graphs_new.php

[0.8.8f-1]
- Update to 0.8.8f

[0.8.8b-7]
- Patches for CVE-2014-4002 Cross-site scripting vulnerability
(RHBZ #1113035)

[0.8.8b-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

[0.8.8b-5]
- Patch for CVE-2014-2708 SQL injection issues in graph_xport.php
(RHBZ #1084258)
- Patch for CVE-2014-2709 shell escaping issues in lib/rrd.php
(RHBZ #1084258)
- Patch for CVE-2014-2326 stored XSS attack (RHBZ #1082122)
- Patch for CVE-2014-2328 use of exec-like function calls without safety
checks allow arbitrary command execution (RHBZ #1082122)

[0.8.8b-4]
- Move cron to a separate file and require crontabs (RHBZ #947047). Thanks
Johann B. Gudmundsson.
- Update for systemd (RHBZ #947047). Thanks Johann B. Gudmundsson.
- Fix rpmlint warning about spaces-to-tabs

[0.8.8b-3]
- Fix comments in thumbnails (BZ #1004550)

[0.8.8b-2]
- Patch for CVE-2013-5588 and CVE-2013-5589 (BZ #1000860)

[0.8.8b-1]
- New upstream release (BZ #993042)

[0.8.8a-9]
- Use %{_pkgdocdir}, per
https://fedoraproject.org/wiki/Changes/UnversionedDocdirs

[0.8.8a-8]
- Improve security description in cacti's httpd conf (RHBZ #895823)
- Use improved treeview replacement patch (RHBZ #888207)
- rpmlint fixes
- trim RPM changelog

[0.8.8a-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

[0.8.8a-6]
- Add note to README.fedora about the default MySQL password
- Remove reference to 'docs/INSTALL' in README.fedora (RHBZ #893122)
- Add dependency on net-snmp-utils (RHBZ #893150)

[0.8.8a-5]
- Install our README file as README.fedora

[0.8.8a-4]
- remove non-free treeview bits (replace with jquery future code from 0.8.9 trunk)

[0.8.8a-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

[0.8.8a-2]
- Add plugins directory (BZ #834355)
- Drop Fedora 15 (EOL) from logrotate syntax adjustment

[0.8.8a-1]
- New upstream release (BZ #817506)
- Drop upstreamed patch

[0.8.8-3]
- Patch to default to '/cacti/' (upstream bug 2217)

[0.8.8-2]
- Adjust httpd ACL conditionals to test the presence of mod_authz_core
(as discussed on fedora-devel)

[0.8.8-1]
- New upstream release (BZ #809753).

[0.8.7i-4]
- Adjust ACLs to support httpd 2.4.

[0.8.7i-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

[0.8.7i-2]
- Only set 'su' logrotate parameter for F16 and above.
- Tweak mod_security rules.

[0.8.7i-1]
- New upstream release (BZ #766573).

[0.8.7h-2]
- block HTTP access to log and rra directories (#609856)
- overrides for mod_security
- set logrotate to su to cacti apache when rotating (#753079)

[0.8.7h-1]
- New upstream release.
- Remove upstream'd mysql patch.

[0.8.7g-3]
- Patch for MySQL 5.5, BZ 728513.

[0.8.7g-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

[0.8.7g-1]
- Upstream released new version

[0.8.7f-1]
- Upstream released new version
- Contains security updates #595289

[0.8.7e-4]
- Pulling in patches from upstream
- SQL injection fix
- BZ #541279

[0.8.7e-3]
- Pulling in some official patches
- #541279
- #541962

[0.8.7e-1]
- Upstream released new version

[0.8.7d-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

[0.8.7d-3]
- Fix unowned cli directory (#473631)

[0.8.7d-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

[0.8.7d-1]
- Upstream released new version

[0.8.7b-4]
- Added cli directory

[0.8.7b-3]
- fix my own mistake in the license tag

[0.8.7b-2]
- fix license tag

[0.8.7b-1]
- Upstream released new version

[0.8.7a-2]
- db.php is now 640 instead of 660 - #396331

[0.8.7a-1]
- Upstream released new version
- Fixes for bug #391691 - CVE-2007-6035

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (x86_64)	cacti-1.2.30-1.el8.src.rpm	3c71d07c9d93c2815f186cc9d832e76504d8b686bc554a0e7ff75ed11c0fbed6	-	ol8_x86_64_developer_EPEL
	cacti-1.2.30-1.el8.noarch.rpm	dab76b524ce3edada912986ee0bbb18e2d5621074fde17cc9c117e7708241b4b	-	ol8_x86_64_developer_EPEL

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691