Bug#484065: cacti: input validation error on trying to view certain timespans

Mon, 02 Jun 2008 01:41:13 -0700 

Package: cacti
Version: 0.8.6i-3.4
Severity: normal
Tags: patch

please incorporate the fix listed in 
  http://forums.cacti.net/about19882.html&highlight=input_validate_input_number

which simply means uncommenting a line found in
./debian/patches/07_official_dec06-vulnerability-poller-0.8.6i.dpatch
 (and subsequently in ./include/html/inc_timespan_settings.php)

 cheers,
 raoul

patch:

Index: 
/vendors/cacti/cacti-0.8.6i-ipax/debian/patches/07_official_dec06-vulnerability-poller-0.8.6i.dpatch
===================================================================
--- ./debian/patches/07_official_dec06-vulnerability-poller-0.8.6i.dpatch.orig
+++ ./debian/patches/07_official_dec06-vulnerability-poller-0.8.6i.dpatch
@@ -48,5 +48,5 @@
  
 +/* ================= input validation ================= */
-+input_validate_input_number(get_request_var_request("predefined_timespan"));
++#input_validate_input_number(get_request_var_request("predefined_timespan"));
 +/* ==================================================== */
 +

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (700, 'stable'), (60, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.22.15-grsec2.1.11-vs2.2.0.5
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages cacti depends on:
ii  apache2                   2.2.3-4+etch4  Next generation, scalable, extenda
ii  apache2-mpm-prefork [http 2.2.3-4+etch4  Traditional model for Apache HTTPD
ii  dbconfig-common           1.8.29+etch1   common framework for packaging dat
ii  debconf [debconf-2.0]     1.5.11etch1    Debian configuration management sy
ii  libapache2-mod-php5       5.2.0-8+etch11 server-side, HTML-embedded scripti
ii  libphp-adodb              4.93a-1.1      The 'adodb' database abstraction l
ii  logrotate                 3.7.1-3        Log rotation utility
ii  mysql-client-5.0 [virtual 5.0.32-7etch5  mysql database client binaries
ii  php5-cli                  5.2.0-8+etch11 command-line interpreter for the p
ii  php5-mysql                5.2.0-8+etch11 MySQL module for php5
ii  php5-snmp                 5.2.0-8+etch11 SNMP module for php5
ii  rrdtool                   1.2.15-0.3     Time-series data storage and displ
ii  snmp                      5.2.3-7etch2   NET SNMP (Simple Network Managemen
ii  ucf                       2.0020         Update Configuration File: preserv

Versions of packages cacti recommends:
ii  iputils-ping               3:20020927-6  Tools to test the reachability of 
ii  mysql-server-5.0 [mysql-se 5.0.32-7etch5 mysql database server binaries

-- debconf information excluded



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to