Update Info


Security update for cacti, cacti-spine

Type: security
Severity: moderate
Issued: 2020-05-11
This update for cacti, cacti-spine fixes the following issues:

cacti-spine and cacti were updated to 1.2.12:

cacti fixes:

* CVE-2020-7106: Lack of escaping of color items can lead to XSS
  exposure (boo#1163749)
* Fix multiple graphing bugs and web UI issues
* Fix multiple warnings, PHP Exceptions and errors
* Content-Security-Policy prevents External Links from being opened
* Prevent runtime memory issues by increasing memory limit
* Improve SNMPv3 handling

cacti-spine fixes:

* Failed host lookup causes spine to crash



  • cacti-spine-1.2.12-bp151.4.9.1
  • cacti-1.2.12-bp151.4.9.1