authorNatanael Copa <ncopa@alpinelinux.org>2016-03-18 09:14:24 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2016-03-18 09:16:37 +0000
commitec365ab813fa5ddf6d6b585f7ac673f029261ceb (patch)
tree8b6d7b104b4152bf337e61159b1d3e6e71f0f610 /main/cacti
parent2cd7a670e3ed36724d282fc405fd293868df336c (diff)
main/cacti: security upgrade to 0.8.8g (CVE-2015-8369, CVE-2015-8377)
fixes #4993
Diffstat (limited to 'main/cacti')
-rw-r--r--main/cacti/APKBUILD18
-rw-r--r--main/cacti/CVE-2015-8369.patch204
-rw-r--r--main/cacti/CVE-2015-8604.patch28
3 files changed, 5 insertions, 245 deletions
diff --git a/main/cacti/APKBUILD b/main/cacti/APKBUILD
index b82a94b3e7..68f408224a 100644
--- a/main/cacti/APKBUILD
+++ b/main/cacti/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Jeff Bilyk <jbilyk@gmail.com>
pkgname=cacti
-pkgver=0.8.8f
-pkgrel=2
+pkgver=0.8.8g
+pkgrel=0
pkgdesc="Network monitoring tool based on RRDtool"
url="http://www.cacti.net"
arch="noarch"
@@ -9,8 +9,6 @@ license="GPL2+"
depends="mysql php php-mysql php-snmp rrdtool net-snmp php-sockets php-xml php-gd"
makedepends=""
source="http://www.cacti.net/downloads/$pkgname-$pkgver.tar.gz
- CVE-2015-8369.patch
- CVE-2015-8604.patch
"
_builddir="$srcdir"/$pkgname-$pkgver
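Review bot: Removing `CVE-2015-8604.patch` from `source=` here is only safe if the 0.8.8g tarball actually carries that fix, and nothing in this commit establishes that: the title names CVE-2015-8369 and CVE-2015-8377, while the patch being dropped (per its own header, the selected_graphs_array SQL injection in graphs_new.php, Cacti bug 2652) is CVE-2015-8604. Before merging, diff the new tarball's graphs_new.php against the removed backport or check the upstream 0.8.8g release notes, and then either amend the message to `main/cacti: security upgrade to 0.8.8g (CVE-2015-8369, CVE-2015-8377, CVE-2015-8604)` or keep the patch until that is confirmed. Because the tarball is still fetched over plain `http://`, the updated sha512sums in the following hunk are the only integrity control on the new source, so they should be cross-checked against an upstream-published hash rather than computed from the download alone.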
@@ -33,12 +31,6 @@ package() {
mv "$srcdir"/$pkgname-$pkgver/* "$pkgdir"/usr/share/webapps/cacti/ || return 1
}
-md5sums="8d90642b362f80c46c489c5531e2ba90 cacti-0.8.8f.tar.gz
-aad7eea5843fe6518bd5ac2c83f4681b CVE-2015-8369.patch
-d2d7a561ddad59bcf4e1092c048d26c0 CVE-2015-8604.patch"
-sha256sums="2ea92407c11bf13302558a5bc9e1f3a57bd14a1d9ded48c505ec495762f76738 cacti-0.8.8f.tar.gz
-8f6ffaa2fd7ceb929ccae471ff7e2b462d37ac62c9ce8cffde635205d0eb03d8 CVE-2015-8369.patch
-766a50cb6d14a0d03811e6332d4d46b6f6717574de370d2d6ab50c2c9b164e73 CVE-2015-8604.patch"
-sha512sums="b712a9f8b7bee632cb4982fed72793ac2f4d70aa042784bbd2fd3923a27901f457393aa95bbd63960187e85fe462c35e88fa3cd93e8537a3a68f94bdbf5d7f2b cacti-0.8.8f.tar.gz
-1a7de23cf9937905463a2634840fa8878d650e1562565b99ae4f1e7a0200f9942ab2d9f59c7824cbadce9c2e9ee40e5639f8ac8ceba1a4d0349585583d301019 CVE-2015-8369.patch
-9677039934b0ce4c42f31437591b2b1d37303e3009c5d773700ffab7e92d20183156f9ec2659bb38876f44095cc2886c0afc9cc03bd950832be2e96dc02620b1 CVE-2015-8604.patch"
+md5sums="75f660d54152182e1dbbf0db73143098 cacti-0.8.8g.tar.gz"
+sha256sums="3187bd5054ae4e54496bb23187f14c79a441fedcfd397a2d27cd60179f0dee33 cacti-0.8.8g.tar.gz"
+sha512sums="cbac69de47a32de8b87d0fc2f32e90eb70f7f13828fd17764957b5afbbcc7a8954ccc49f30f414d5fdf09142967a9ddcb4cde66d03569407ae05fc36612b731c cacti-0.8.8g.tar.gz"
diff --git a/main/cacti/CVE-2015-8369.patch b/main/cacti/CVE-2015-8369.patch
deleted file mode 100644
index 74b7f7001e..0000000000
--- a/main/cacti/CVE-2015-8369.patch
+++ /dev/null
@@ -1,204 +0,0 @@
---- a/include/top_graph_header.php 2015/11/17 01:39:54 7758
-+++ b/include/top_graph_header.php 2015/11/28 20:08:16 7767
-@@ -146,12 +146,12 @@
- $graph_data_array["print_source"] = true;
-
- /* override: graph start time (unix time) */
-- if (!empty($_GET["graph_start"])) {
-+ if (!empty($_REQUEST["graph_start"])) {
- $graph_data_array["graph_start"] = get_request_var_request("graph_start");
- }
-
- /* override: graph end time (unix time) */
-- if (!empty($_GET["graph_end"])) {
-+ if (!empty($_REQUEST["graph_end"])) {
- $graph_data_array["graph_end"] = get_request_var_request("graph_end");
- }
-
---- a/graph.php 2015/08/10 01:16:44 7755
-+++ b/graph.php 2015/11/28 20:08:16 7767
-@@ -32,43 +32,43 @@
-
- api_plugin_hook_function('graph');
-
--include_once("./lib/html_tree.php");
--include_once("./include/top_graph_header.php");
--
- /* ================= input validation ================= */
--input_validate_input_regex(get_request_var("rra_id"), "^([0-9]+|all)$");
--input_validate_input_number(get_request_var("local_graph_id"));
--input_validate_input_number(get_request_var("graph_end"));
--input_validate_input_number(get_request_var("graph_start"));
-+input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+|all)$");
-+input_validate_input_number(get_request_var_request("local_graph_id"));
-+input_validate_input_number(get_request_var_request("graph_end"));
-+input_validate_input_number(get_request_var_request("graph_start"));
- input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$");
- /* ==================================================== */
-
--if (!isset($_GET['rra_id'])) {
-- $_GET['rra_id'] = 'all';
-+include_once("./lib/html_tree.php");
-+include_once("./include/top_graph_header.php");
-+
-+if (!isset($_REQUEST['rra_id'])) {
-+ $_REQUEST['rra_id'] = 'all';
- }
-
--if ($_GET["rra_id"] == "all") {
-+if ($_REQUEST["rra_id"] == "all") {
- $sql_where = " where id is not null";
- }else{
-- $sql_where = " where id=" . $_GET["rra_id"];
-+ $sql_where = " where id=" . $_REQUEST["rra_id"];
- }
-
- /* make sure the graph requested exists (sanity) */
--if (!(db_fetch_cell("select local_graph_id from graph_templates_graph where local_graph_id=" . $_GET["local_graph_id"]))) {
-+if (!(db_fetch_cell("select local_graph_id from graph_templates_graph where local_graph_id=" . $_REQUEST["local_graph_id"]))) {
- print "<strong><font size='+1' color='FF0000'>GRAPH DOES NOT EXIST</font></strong>"; exit;
- }
-
- /* take graph permissions into account here, if the user does not have permission
- give an "access denied" message */
- if (read_config_option("auth_method") != 0) {
-- $access_denied = !(is_graph_allowed($_GET["local_graph_id"]));
-+ $access_denied = !(is_graph_allowed($_REQUEST["local_graph_id"]));
-
- if ($access_denied == true) {
- print "<strong><font size='+1' color='FF0000'>ACCESS DENIED</font></strong>"; exit;
- }
- }
-
--$graph_title = get_graph_title($_GET["local_graph_id"]);
-+$graph_title = get_graph_title($_REQUEST["local_graph_id"]);
-
- if ($_REQUEST["view_type"] == "tree") {
- print "<table width='100%' style='background-color: #ffffff; border: 1px solid #ffffff;' align='center' cellspacing='0' cellpadding='3'>";
-@@ -76,15 +76,15 @@
- print "<table width='100%' style='background-color: #f5f5f5; border: 1px solid #bbbbbb;' align='center' cellspacing='0' cellpadding='3'>";
- }
-
--$rras = get_associated_rras($_GET["local_graph_id"]);
-+$rras = get_associated_rras($_REQUEST["local_graph_id"]);
-
- switch ($_REQUEST["action"]) {
- case 'view':
- api_plugin_hook_function('page_buttons',
-- array('lgid' => $_GET["local_graph_id"],
-+ array('lgid' => $_REQUEST["local_graph_id"],
- 'leafid' => '',//$leaf_id,
- 'mode' => 'mrtg',
-- 'rraid' => $_GET["rra_id"])
-+ 'rraid' => $_REQUEST["rra_id"])
- );
- ?>
- <tr class='tableHeader'>
-@@ -105,13 +105,13 @@
- <table width='1' cellpadding='0'>
- <tr>
- <td>
-- <img class='graphimage' id='graph_<?php print $_GET["local_graph_id"] ?>' src='<?php print htmlspecialchars("graph_image.php?action=view&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"]);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
-+ <img class='graphimage' id='graph_<?php print $_REQUEST["local_graph_id"] ?>' src='<?php print htmlspecialchars("graph_image.php?action=view&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"]);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
- </td>
- <td valign='top' style='padding: 3px;' class='noprint'>
-- <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"]. "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
-- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
-- <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
-- <?php api_plugin_hook('graph_buttons', array('hook' => 'view', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $rra['id'], 'view_type' => $_REQUEST['view_type'])); ?>
-+ <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"]. "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
-+ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
-+ <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
-+ <?php api_plugin_hook('graph_buttons', array('hook' => 'view', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $rra['id'], 'view_type' => $_REQUEST['view_type'])); ?>
- <a href='#page_top'><img src='<?php print $config['url_path']; ?>images/graph_page_top.gif' border='0' alt='Page Top' title='Page Top' style='padding: 3px;'></a><br>
- </td>
- </tr>
-@@ -143,7 +143,7 @@
- }
-
- /* fetch information for the current RRA */
-- $rra = db_fetch_row("select id,timespan,steps,name from rra where id=" . $_GET["rra_id"]);
-+ $rra = db_fetch_row("select id,timespan,steps,name from rra where id=" . $_REQUEST["rra_id"]);
-
- /* define the time span, which decides which rra to use */
- $timespan = -($rra["timespan"]);
-@@ -154,24 +154,24 @@
- FROM (data_template_data,data_template_rrd,graph_templates_item)
- WHERE graph_templates_item.task_item_id=data_template_rrd.id
- AND data_template_rrd.local_data_id=data_template_data.local_data_id
-- AND graph_templates_item.local_graph_id=" . $_GET["local_graph_id"] .
-+ AND graph_templates_item.local_graph_id=" . $_REQUEST["local_graph_id"] .
- " LIMIT 0,1");
- $ds_step = empty($ds_step) ? 300 : $ds_step;
- $seconds_between_graph_updates = ($ds_step * $rra["steps"]);
-
- $now = time();
-
-- if (isset($_GET["graph_end"]) && ($_GET["graph_end"] <= $now - $seconds_between_graph_updates)) {
-- $graph_end = $_GET["graph_end"];
-+ if (isset($_REQUEST["graph_end"]) && ($_REQUEST["graph_end"] <= $now - $seconds_between_graph_updates)) {
-+ $graph_end = $_REQUEST["graph_end"];
- }else{
- $graph_end = $now - $seconds_between_graph_updates;
- }
-
-- if (isset($_GET["graph_start"])) {
-- if (($graph_end - $_GET["graph_start"])>$max_timespan) {
-+ if (isset($_REQUEST["graph_start"])) {
-+ if (($graph_end - $_REQUEST["graph_start"])>$max_timespan) {
- $graph_start = $now - $max_timespan;
- }else {
-- $graph_start = $_GET["graph_start"];
-+ $graph_start = $_REQUEST["graph_start"];
- }
- }else{
- $graph_start = $now + $timespan;
-@@ -186,7 +186,7 @@
- graph_templates_graph.height,
- graph_templates_graph.width
- from graph_templates_graph
-- where graph_templates_graph.local_graph_id=" . $_GET["local_graph_id"]);
-+ where graph_templates_graph.local_graph_id=" . $_REQUEST["local_graph_id"]);
-
- $graph_height = $graph["height"];
- $graph_width = $graph["width"];
-@@ -214,12 +214,12 @@
- <table width='1' cellpadding='0'>
- <tr>
- <td>
-- <img id='zoomGraphImage' class="graphimage" src='<?php print htmlspecialchars("graph_image.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end . "&graph_height=" . $graph_height . "&graph_width=" . $graph_width . "&title_font_size=" . $title_font_size);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
-+ <img id='zoomGraphImage' class="graphimage" src='<?php print htmlspecialchars("graph_image.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end . "&graph_height=" . $graph_height . "&graph_width=" . $graph_width . "&title_font_size=" . $title_font_size);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
- </td>
- <td valign='top' style='padding: 3px;' class='noprint'>
-- <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
-- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>&graph_start=<?php print $graph_start;?>&graph_end=<?php print $graph_end;?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
-- <?php api_plugin_hook('graph_buttons', array('hook' => 'zoom', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $_GET['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
-+ <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
-+ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>&graph_start=<?php print $graph_start;?>&graph_end=<?php print $graph_end;?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
-+ <?php api_plugin_hook('graph_buttons', array('hook' => 'zoom', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $_REQUEST['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
- </td>
- </tr>
- <tr>
-@@ -249,17 +249,17 @@
- <table width='1' cellpadding='0'>
- <tr>
- <td>
-- <img src='<?php print htmlspecialchars("graph_image.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&graph_start=" . (isset($_GET["graph_start"]) ? $_GET["graph_start"] : "0") . "&graph_end=" . (isset($_GET["graph_end"]) ? $_GET["graph_end"] : "0"));?>' border='0' alt='<?php print htmlspecialchars($graph_title);?>'>
-+ <img src='<?php print htmlspecialchars("graph_image.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&graph_start=" . (isset($_REQUEST["graph_start"]) ? $_REQUEST["graph_start"] : "0") . "&graph_end=" . (isset($_REQUEST["graph_end"]) ? $_REQUEST["graph_end"] : "0"));?>' border='0' alt='<?php print htmlspecialchars($graph_title);?>'>
- </td>
- <td valign='top' style='padding: 3px;'>
-- <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"]. "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . get_request_var("graph_start") . "&graph_end=" . get_request_var("graph_end"));?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
-- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
-- <?php api_plugin_hook('graph_buttons', array('hook' => 'properties', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $_GET['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
-+ <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"]. "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . get_request_var("graph_start") . "&graph_end=" . get_request_var("graph_end"));?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
-+ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
-+ <?php api_plugin_hook('graph_buttons', array('hook' => 'properties', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $_REQUEST['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
- </td>
- </tr>
- <tr>
- <td colspan='2' align='center'>
-- <strong><?php print htmlspecialchars(db_fetch_cell("select name from rra where id=" . $_GET["rra_id"]));?></strong>
-+ <strong><?php print htmlspecialchars(db_fetch_cell("select name from rra where id=" . $_REQUEST["rra_id"]));?></strong>
- </td>
- </tr>
- </table>
diff --git a/main/cacti/CVE-2015-8604.patch b/main/cacti/CVE-2015-8604.patch
deleted file mode 100644
index 21c6b366a9..0000000000
--- a/main/cacti/CVE-2015-8604.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-Description: SQL injection vulnerability in the host_new_graphs function in
- graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users
- to execute arbitrary SQL commands via crafted serialized data in the
- selected_graphs_array parameter in a save action.
-Author: Paul Gevers <elbrus@debian.org>
-Bug: http://bugs.cacti.net/view.php?id=2652
-Index: cacti/graphs_new.php
-===================================================================
---- cacti.orig/graphs_new.php
-+++ cacti/graphs_new.php
-@@ -252,6 +252,9 @@ function host_new_graphs($host_id, $host
-
- while (list($form_type, $form_array) = each($selected_graphs_array)) {
- while (list($form_id1, $form_array2) = each($form_array)) {
-+ /* ================= input validation ================= */
-+ input_validate_input_number($form_id1);
-+ /* ==================================================== */
- if ($form_type == "cg") {
- $graph_template_id = $form_id1;
-
-@@ -260,6 +263,7 @@ function host_new_graphs($host_id, $host
- while (list($form_id2, $form_array3) = each($form_array2)) {
- /* ================= input validation ================= */
- input_validate_input_number($snmp_query_id);
-+ input_validate_input_number($form_id2);
- /* ==================================================== */
-
- $snmp_query_id = $form_id1;