Package: cacti / 0.8.8h+ds1-10+deb9u1

Metadata

Package Version Patches format
cacti 0.8.8h+ds1-10+deb9u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
05_no adodb.patch | (download)

include/global.php | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fixing adodb path
06_config_settings.php_cactid_path.patch | (download)

include/global.php | 2 1 + 1 - 0 !
include/global_settings.php | 7 4 + 3 - 0 !
install/index.php | 2 1 + 1 - 0 !
3 files changed, 6 insertions(+), 5 deletions(-)

 fixing log/spine path for debian
07_cli include path.patch | (download)

cli/add_data_query.php | 2 1 + 1 - 0 !
cli/add_device.php | 2 1 + 1 - 0 !
cli/add_graph_template.php | 2 1 + 1 - 0 !
cli/add_graphs.php | 2 1 + 1 - 0 !
cli/add_perms.php | 2 1 + 1 - 0 !
cli/add_tree.php | 2 1 + 1 - 0 !
cli/analyze_database.php | 2 1 + 1 - 0 !
cli/convert_innodb.php | 2 1 + 1 - 0 !
cli/copy_user.php | 2 1 + 1 - 0 !
cli/data_template_associate_rra.php | 2 1 + 1 - 0 !
cli/host_update_template.php | 2 1 + 1 - 0 !
cli/import_template.php | 2 1 + 1 - 0 !
cli/poller_data_sources_reapply_names.php | 2 1 + 1 - 0 !
cli/poller_graphs_reapply_names.php | 2 1 + 1 - 0 !
cli/poller_output_empty.php | 2 1 + 1 - 0 !
cli/poller_reindex_hosts.php | 2 1 + 1 - 0 !
cli/rebuild_poller_cache.php | 2 1 + 1 - 0 !
cli/reorder_data_query.php | 2 1 + 1 - 0 !
cli/repair_database.php | 2 1 + 1 - 0 !
cli/repair_templates.php | 6 3 + 3 - 0 !
cli/structure_rra_paths.php | 2 1 + 1 - 0 !
cli/upgrade_database.php | 2 1 + 1 - 0 !
22 files changed, 24 insertions(+), 24 deletions(-)

 fix cli path
08_563955_local_data_id.patch | (download)

graphs_new.php | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 fix for "undefined index: local_data_id in graphs_new.php"
Source: svn://svn.cacti.net/cacti/cacti@7324 
09_use utf8.patch | (download)

lib/database.php | 1 1 + 0 - 0 !
lib/rrd.php | 4 2 + 2 - 0 !
2 files changed, 3 insertions(+), 2 deletions(-)

 use utf-8 while creating database and rrd files
10_566609_suhosin.memory_limit.patch | (download)

poller.php | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 php5-common sets weird defaults for memory_limit and
 suhosin.memory_limit
cacti.sql_ensure_cron_works.patch | (download)

cacti.sql | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 the crontab fails if the paths to rrdtool and php are not set.
loadavg_multi_locale_friendly.patch | (download)

scripts/loadavg_multi.pl | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 loadavg_multi.pl is not locale safe
 The Data Input Method „Unix - Get Load Average” isn’t working on systems
 with a locale that does not use the dot as decimal point.
 .
 Example problem: on de_DE.UTF-8 locale systems the output of uptime is:
 14:12:51 up 1 day,  6:35,  3 users,  load average: 0,38, 0,20, 0,17
 .
 The load average values must have a dot instead of a comma, so force the
 locale properly.
Bug: http://bugs.cacti.net/view.php?id=2355
Bug-Debian: http://bugs.debian.org/704057
Bug-Debian: http://bugs.debian.org/793401
fix_php_strict_warning_in_ping.patch | (download)

lib/ping.php | 63 30 + 33 - 0 !
1 file changed, 30 insertions(+), 33 deletions(-)

 php 5.4 changed how variables in a function call are assigned.
 For the current cacti code this goes wrong in calls to socket_select.
 Currently this triggers the following warning:
 PHP Strict Standards: Only variables should be passed by reference in
 /usr/share/cacti/site/lib/ping.php on line 382 
Bug: http://bugs.cacti.net/view.php?id=2261
Bug-Debian: http://bugs.debian.org/694159
Source: http://svn.cacti.net/viewvc/cacti/branches/0.8.9/lib/ping.php?r1=7331&r2=7330&view=patch
Date: Sat, 20 Apr 2013 07:28:24 +0200
add_rrdtool 1.5_to_utilities.php.patch | (download)

utilities.php | 4 3 + 1 - 0 !
1 file changed, 3 insertions(+), 1 deletion(-)

 upstream forgot to add the required 1.5 version to utilities, now showing an error.
Bug: http://bugs.cacti.net/view.php?id=2567
11_1571432_mysqli.patch | (download)

install/index.php | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 use mysqli extension not mysql with php7.0
make_cacti_sql_mode strict_compatible.patch | (download)

cacti.sql | 2 2 + 0 - 0 !
lib/database.php | 2 2 + 0 - 0 !
2 files changed, 4 insertions(+)

 since mysql 5.7 sql_mode is by default set to strict
 mode. However, cacti is not designed to be compatible. So to enable cacti to
 keep working, it needs to force NO_ZERO_DATE and ONLY_FULL_GROUP_BY to be
 unset.
CVE 2016 2313 guest auth.patch | (download)

auth_login.php | 7 4 + 3 - 0 !
1 file changed, 4 insertions(+), 3 deletions(-)

 [patch] fixing bug #2697

web basic for guest accounts

fix_export_for_debian_packages.patch | (download)

lib/graph_export.php | 3 1 + 2 - 0 !
1 file changed, 1 insertion(+), 2 deletions(-)

 the debian packages don't contain some files (probably not needed
 anymore). So to avoid the export on borking, remove them.
enable_faster_polling_than_cron.patch | (download)

poller.php | 6 2 + 4 - 0 !
1 file changed, 2 insertions(+), 4 deletions(-)

 split() is deprecated in php 7, causing the code to fail
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/cacti/+bug/1662027
Bug-Debian: https://bugs.debian.org/860271
Source: https://github.com/Cacti/cacti/commit/6b5931130770cdfa5baa68c43a913dcabf1c3970

CVE 2019 17358.patch | (download)

lib/functions.php | 23 15 + 8 - 0 !
1 file changed, 15 insertions(+), 8 deletions(-)

---