[Secure-testing-team] Bug#743565: cacti: CVE-2014-2708 CVE-2014-2709
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 3 19:30:56 UTC 2014
Package: cacti
Severity: grave
Tags: security upstream
Dear cacti maintainers
Two more vulnerabilities were published/CVE assigned for cacti.
CVE-2014-2708[0] and CVE-2014-2709[1]. Fore the CVE assignment details
see [2]. For these there is upstream commit [3] (both CVE addressed in
same commit).
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708
https://security-tracker.debian.org/tracker/CVE-2014-2708
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709
https://security-tracker.debian.org/tracker/CVE-2014-2709
[2] http://seclists.org/oss-sec/2014/q2/15
[3] http://svn.cacti.net/viewvc?view=rev&revision=7439
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list