Control: retitle -1 cacti: CVE-2025-26520 (Incomplete fix for CVE-2024-54146)
On Tue, Feb 11, 2025 at 08:41:30AM +0100, Salvatore Bonaccorso wrote: > Source: cacti > Version: 1.2.28+ds1-4 > Severity: important > Tags: security upstream > Forwarded: https://github.com/Cacti/cacti/pull/6096 > X-Debbugs-Cc: car...@debian.org, Debian Security Team > <t...@security.debian.org> > > Hi > > As reported by Sylvain, the fix for CVE-2024-54146 was incomplete. > > https://github.com/Cacti/cacti/pull/6096 > https://github.com/Cacti/cacti/commit/7fa60c03ad4a69c701ac6b77c85a8927df7acd51 This has a separate CVE, CVE-2025-26520. Regards, Salvatore
