cpet/freebsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MFH: r409474

Browse Source 
Update to 0.8.8g

PR:		207444
Security:	CVE-2015-8377
Security:	CVE-2015-8604
Security:	CVE-2016-2313
Security:	https://vuxml.FreeBSD.org/freebsd/db3301be-e01c-11e5-b2bd-002590263bf5.html
Approved by:	ports-secteam (with hat)
This commit is contained in:
Jason Unovitch 2016-03-02 02:32:24 +00:00
parent 0aca686cde
commit fbed34b0fd
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/branches/2016Q1/; revision=409907
4 changed files with 4 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
net-mgmt/cacti/Makefile
View File

@ -1,8 +1,7 @@
# $FreeBSD$
PORTNAME= cacti
PORTVERSION= 0.8.8f${PATCHLEVEL}
PORTREVISION= 2
PORTVERSION= 0.8.8g${PATCHLEVEL}
CATEGORIES= net-mgmt www
MASTER_SITES= http://www.cacti.net/downloads/ \
ftp://ftpmirror.uk/freebsd-ports/cacti/

4
net-mgmt/cacti/distinfo
View File

@ -1,2 +1,2 @@
SHA256 (cacti-0.8.8f.tar.gz) = 2ea92407c11bf13302558a5bc9e1f3a57bd14a1d9ded48c505ec495762f76738
SIZE (cacti-0.8.8f.tar.gz) = 2594409
SHA256 (cacti-0.8.8g.tar.gz) = 3187bd5054ae4e54496bb23187f14c79a441fedcfd397a2d27cd60179f0dee33
SIZE (cacti-0.8.8g.tar.gz) = 2584879

218
net-mgmt/cacti/files/patch-CVE-2015-8369
View File

@ -1,218 +0,0 @@
------------------------------------------------------------------------
r7767 | cigamit | 2015-11-28 20:08:16 +0000 (Sat, 28 Nov 2015) | 1 line
Changed paths:
M /cacti/tags/0.8.8g/docs/CHANGELOG
M /cacti/tags/0.8.8g/graph.php
M /cacti/tags/0.8.8g/include/top_graph_header.php
------------------------------------------------------------------------
-bug:0002646: SQL injection in graph.php
--- graph.php (revision 7766)
+++ graph.php (revision 7767)
@@ -32,29 +32,29 @@
api_plugin_hook_function('graph');
-include_once("./lib/html_tree.php");
-include_once("./include/top_graph_header.php");
-
/* ================= input validation ================= */
-input_validate_input_regex(get_request_var("rra_id"), "^([0-9]+|all)$");
-input_validate_input_number(get_request_var("local_graph_id"));
-input_validate_input_number(get_request_var("graph_end"));
-input_validate_input_number(get_request_var("graph_start"));
+input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+|all)$");
+input_validate_input_number(get_request_var_request("local_graph_id"));
+input_validate_input_number(get_request_var_request("graph_end"));
+input_validate_input_number(get_request_var_request("graph_start"));
input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$");
/* ==================================================== */
-if (!isset($_GET['rra_id'])) {
- $_GET['rra_id'] = 'all';
+include_once("./lib/html_tree.php");
+include_once("./include/top_graph_header.php");
+
+if (!isset($_REQUEST['rra_id'])) {
+ $_REQUEST['rra_id'] = 'all';
}
-if ($_GET["rra_id"] == "all") {
+if ($_REQUEST["rra_id"] == "all") {
$sql_where = " where id is not null";
}else{
- $sql_where = " where id=" . $_GET["rra_id"];
+ $sql_where = " where id=" . $_REQUEST["rra_id"];
}
/* make sure the graph requested exists (sanity) */
-if (!(db_fetch_cell("select local_graph_id from graph_templates_graph where local_graph_id=" . $_GET["local_graph_id"]))) {
+if (!(db_fetch_cell("select local_graph_id from graph_templates_graph where local_graph_id=" . $_REQUEST["local_graph_id"]))) {
print "<strong><font size='+1' color='FF0000'>GRAPH DOES NOT EXIST</font></strong>"; exit;
}
@@ -61,7 +61,7 @@
/* take graph permissions into account here, if the user does not have permission
give an "access denied" message */
if (read_config_option("auth_method") != 0) {
- $access_denied = !(is_graph_allowed($_GET["local_graph_id"]));
+ $access_denied = !(is_graph_allowed($_REQUEST["local_graph_id"]));
if ($access_denied == true) {
print "<strong><font size='+1' color='FF0000'>ACCESS DENIED</font></strong>"; exit;
@@ -68,7 +68,7 @@
}
}
-$graph_title = get_graph_title($_GET["local_graph_id"]);
+$graph_title = get_graph_title($_REQUEST["local_graph_id"]);
if ($_REQUEST["view_type"] == "tree") {
print "<table width='100%' style='background-color: #ffffff; border: 1px solid #ffffff;' align='center' cellspacing='0' cellpadding='3'>";
@@ -76,15 +76,15 @@
print "<table width='100%' style='background-color: #f5f5f5; border: 1px solid #bbbbbb;' align='center' cellspacing='0' cellpadding='3'>";
}
-$rras = get_associated_rras($_GET["local_graph_id"]);
+$rras = get_associated_rras($_REQUEST["local_graph_id"]);
switch ($_REQUEST["action"]) {
case 'view':
api_plugin_hook_function('page_buttons',
- array('lgid' => $_GET["local_graph_id"],
+ array('lgid' => $_REQUEST["local_graph_id"],
'leafid' => '',//$leaf_id,
'mode' => 'mrtg',
- 'rraid' => $_GET["rra_id"])
+ 'rraid' => $_REQUEST["rra_id"])
);
?>
<tr class='tableHeader'>
@@ -105,13 +105,13 @@
<table width='1' cellpadding='0'>
<tr>
<td>
- <img class='graphimage' id='graph_<?php print $_GET["local_graph_id"] ?>' src='<?php print htmlspecialchars("graph_image.php?action=view&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"]);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
+ <img class='graphimage' id='graph_<?php print $_REQUEST["local_graph_id"] ?>' src='<?php print htmlspecialchars("graph_image.php?action=view&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"]);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
</td>
<td valign='top' style='padding: 3px;' class='noprint'>
- <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"]. "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
- <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
- <?php api_plugin_hook('graph_buttons', array('hook' => 'view', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $rra['id'], 'view_type' => $_REQUEST['view_type'])); ?>
+ <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"]. "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
+ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
+ <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
+ <?php api_plugin_hook('graph_buttons', array('hook' => 'view', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $rra['id'], 'view_type' => $_REQUEST['view_type'])); ?>
<a href='#page_top'><img src='<?php print $config['url_path']; ?>images/graph_page_top.gif' border='0' alt='Page Top' title='Page Top' style='padding: 3px;'></a><br>
</td>
</tr>
@@ -143,7 +143,7 @@
}
/* fetch information for the current RRA */
- $rra = db_fetch_row("select id,timespan,steps,name from rra where id=" . $_GET["rra_id"]);
+ $rra = db_fetch_row("select id,timespan,steps,name from rra where id=" . $_REQUEST["rra_id"]);
/* define the time span, which decides which rra to use */
$timespan = -($rra["timespan"]);
@@ -154,7 +154,7 @@
FROM (data_template_data,data_template_rrd,graph_templates_item)
WHERE graph_templates_item.task_item_id=data_template_rrd.id
AND data_template_rrd.local_data_id=data_template_data.local_data_id
- AND graph_templates_item.local_graph_id=" . $_GET["local_graph_id"] .
+ AND graph_templates_item.local_graph_id=" . $_REQUEST["local_graph_id"] .
" LIMIT 0,1");
$ds_step = empty($ds_step) ? 300 : $ds_step;
$seconds_between_graph_updates = ($ds_step * $rra["steps"]);
@@ -161,17 +161,17 @@
$now = time();
- if (isset($_GET["graph_end"]) && ($_GET["graph_end"] <= $now - $seconds_between_graph_updates)) {
- $graph_end = $_GET["graph_end"];
+ if (isset($_REQUEST["graph_end"]) && ($_REQUEST["graph_end"] <= $now - $seconds_between_graph_updates)) {
+ $graph_end = $_REQUEST["graph_end"];
}else{
$graph_end = $now - $seconds_between_graph_updates;
}
- if (isset($_GET["graph_start"])) {
- if (($graph_end - $_GET["graph_start"])>$max_timespan) {
+ if (isset($_REQUEST["graph_start"])) {
+ if (($graph_end - $_REQUEST["graph_start"])>$max_timespan) {
$graph_start = $now - $max_timespan;
}else {
- $graph_start = $_GET["graph_start"];
+ $graph_start = $_REQUEST["graph_start"];
}
}else{
$graph_start = $now + $timespan;
@@ -186,7 +186,7 @@
graph_templates_graph.height,
graph_templates_graph.width
from graph_templates_graph
- where graph_templates_graph.local_graph_id=" . $_GET["local_graph_id"]);
+ where graph_templates_graph.local_graph_id=" . $_REQUEST["local_graph_id"]);
$graph_height = $graph["height"];
$graph_width = $graph["width"];
@@ -214,12 +214,12 @@
<table width='1' cellpadding='0'>
<tr>
<td>
- <img id='zoomGraphImage' class="graphimage" src='<?php print htmlspecialchars("graph_image.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end . "&graph_height=" . $graph_height . "&graph_width=" . $graph_width . "&title_font_size=" . $title_font_size);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
+ <img id='zoomGraphImage' class="graphimage" src='<?php print htmlspecialchars("graph_image.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end . "&graph_height=" . $graph_height . "&graph_width=" . $graph_width . "&title_font_size=" . $title_font_size);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'>
</td>
<td valign='top' style='padding: 3px;' class='noprint'>
- <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>&graph_start=<?php print $graph_start;?>&graph_end=<?php print $graph_end;?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
- <?php api_plugin_hook('graph_buttons', array('hook' => 'zoom', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $_GET['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
+ <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a>
+ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>&graph_start=<?php print $graph_start;?>&graph_end=<?php print $graph_end;?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
+ <?php api_plugin_hook('graph_buttons', array('hook' => 'zoom', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $_REQUEST['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
</td>
</tr>
<tr>
@@ -249,17 +249,17 @@
<table width='1' cellpadding='0'>
<tr>
<td>
- <img src='<?php print htmlspecialchars("graph_image.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&graph_start=" . (isset($_GET["graph_start"]) ? $_GET["graph_start"] : "0") . "&graph_end=" . (isset($_GET["graph_end"]) ? $_GET["graph_end"] : "0"));?>' border='0' alt='<?php print htmlspecialchars($graph_title);?>'>
+ <img src='<?php print htmlspecialchars("graph_image.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&graph_start=" . (isset($_REQUEST["graph_start"]) ? $_REQUEST["graph_start"] : "0") . "&graph_end=" . (isset($_REQUEST["graph_end"]) ? $_REQUEST["graph_end"] : "0"));?>' border='0' alt='<?php print htmlspecialchars($graph_title);?>'>
</td>
<td valign='top' style='padding: 3px;'>
- <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"]. "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . get_request_var("graph_start") . "&graph_end=" . get_request_var("graph_end"));?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
- <?php api_plugin_hook('graph_buttons', array('hook' => 'properties', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $_GET['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
+ <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"]. "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . get_request_var("graph_start") . "&graph_end=" . get_request_var("graph_end"));?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br>
+ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br>
+ <?php api_plugin_hook('graph_buttons', array('hook' => 'properties', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $_REQUEST['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?>
</td>
</tr>
<tr>
<td colspan='2' align='center'>
- <strong><?php print htmlspecialchars(db_fetch_cell("select name from rra where id=" . $_GET["rra_id"]));?></strong>
+ <strong><?php print htmlspecialchars(db_fetch_cell("select name from rra where id=" . $_REQUEST["rra_id"]));?></strong>
</td>
</tr>
</table>
--- include/top_graph_header.php (revision 7766)
+++ include/top_graph_header.php (revision 7767)
@@ -146,12 +146,12 @@
$graph_data_array["print_source"] = true;
/* override: graph start time (unix time) */
- if (!empty($_GET["graph_start"])) {
+ if (!empty($_REQUEST["graph_start"])) {
$graph_data_array["graph_start"] = get_request_var_request("graph_start");
}
/* override: graph end time (unix time) */
- if (!empty($_GET["graph_end"])) {
+ if (!empty($_REQUEST["graph_end"])) {
$graph_data_array["graph_end"] = get_request_var_request("graph_end");
}

2
net-mgmt/cacti/pkg-plist
View File

@ -137,7 +137,6 @@
%%CACTIDIR%%/docs/html/user_management.html
%%CACTIDIR%%/docs/html/using_spine.html
%%CACTIDIR%%/docs/html/variables.html
%%CACTIDIR%%/docs/pdf/README
%%CACTIDIR%%/docs/txt/manual.txt
%%CACTIDIR%%/gprint_presets.php
%%CACTIDIR%%/graph.php
@ -348,6 +347,7 @@
%%CACTIDIR%%/install/0_8_8c_to_0_8_8d.php
%%CACTIDIR%%/install/0_8_8d_to_0_8_8e.php
%%CACTIDIR%%/install/0_8_8e_to_0_8_8f.php
%%CACTIDIR%%/install/0_8_8f_to_0_8_8g.php
%%CACTIDIR%%/install/0_8_to_0_8_1.php
%%CACTIDIR%%/install/index.php
%%CACTIDIR%%/install/install_finish.gif