Bugzilla – Bug 1158992
VUL-0: CVE-2019-17358: cacti: Unsafe deserialization in sanitize_unserialize_selected_items
Last modified: 2020-04-30 19:23:15 UTC
CVE-2019-17358 Issue: https://github.com/Cacti/cacti/issues/3026 Fix: https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8 All openSUSE versions affected References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-17358 http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17358.html
https://build.opensuse.org/request/show/769369 https://build.opensuse.org/request/show/769370
This is an autogenerated message for OBS integration: This bug (1158992) was mentioned in https://build.opensuse.org/request/show/769371 15.1+Backports:SLE-15-SP1 / cacti+cacti-spine
This is an autogenerated message for OBS integration: This bug (1158992) was mentioned in https://build.opensuse.org/request/show/774590 15.1 / cacti+cacti-spine
openSUSE-SU-2020:0272-1: An update that solves 10 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 1082318,1101024,1101139,1122242,1122243,1122244,1122245,1122535,1158990,1158992,1161297,1163749 CVE References: CVE-2009-4112,CVE-2018-20723,CVE-2018-20724,CVE-2018-20725,CVE-2018-20726,CVE-2019-16723,CVE-2019-17357,CVE-2019-17358,CVE-2020-7106,CVE-2020-7237 Sources used: openSUSE Leap 15.1 (src): cacti-1.2.9-lp151.3.3.1, cacti-spine-1.2.9-lp151.3.3.1
openSUSE-SU-2020:0284-1: An update that solves 10 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 1082318,1101024,1101139,1122242,1122243,1122244,1122245,1122535,1158990,1158992,1161297,1163749 CVE References: CVE-2009-4112,CVE-2018-20723,CVE-2018-20724,CVE-2018-20725,CVE-2018-20726,CVE-2019-16723,CVE-2019-17357,CVE-2019-17358,CVE-2020-7106,CVE-2020-7237 Sources used: openSUSE Backports SLE-15-SP1 (src): cacti-1.2.9-bp151.4.3.1, cacti-spine-1.2.9-bp151.4.3.1
done
This is an autogenerated message for OBS integration: This bug (1158992) was mentioned in https://build.opensuse.org/request/show/793099 15.1+Backports:SLE-12 / cacti+cacti-spine
openSUSE-SU-2020:0558-1: An update that fixes 11 vulnerabilities is now available. Category: security (important) Bug References: 1082318,1122242,1122243,1122244,1122245,1122535,1158990,1158992,1161297,1164675,1169215 CVE References: CVE-2009-4112,CVE-2018-20723,CVE-2018-20724,CVE-2018-20725,CVE-2018-20726,CVE-2019-16723,CVE-2019-17357,CVE-2019-17358,CVE-2020-7106,CVE-2020-7237,CVE-2020-8813 Sources used: SUSE Package Hub for SUSE Linux Enterprise 12 (src): cacti-1.2.11-5.1, cacti-spine-1.2.11-2.1
openSUSE-SU-2020:0558-1: An update that fixes 11 vulnerabilities is now available. Category: security (important) Bug References: 1082318,1122242,1122243,1122244,1122245,1122535,1158990,1158992,1161297,1164675,1169215 CVE References: CVE-2009-4112,CVE-2018-20723,CVE-2018-20724,CVE-2018-20725,CVE-2018-20726,CVE-2019-16723,CVE-2019-17357,CVE-2019-17358,CVE-2020-7106,CVE-2020-7237,CVE-2020-8813 Sources used: openSUSE Leap 15.1 (src): cacti-1.2.11-lp151.3.6.1, cacti-spine-1.2.11-lp151.3.6.1 SUSE Package Hub for SUSE Linux Enterprise 12 (src): cacti-1.2.11-5.1, cacti-spine-1.2.11-2.1
openSUSE-SU-2020:0565-1: An update that fixes 11 vulnerabilities is now available. Category: security (important) Bug References: 1082318,1122242,1122243,1122244,1122245,1122535,1158990,1158992,1161297,1164675,1169215 CVE References: CVE-2009-4112,CVE-2018-20723,CVE-2018-20724,CVE-2018-20725,CVE-2018-20726,CVE-2019-16723,CVE-2019-17357,CVE-2019-17358,CVE-2020-7106,CVE-2020-7237,CVE-2020-8813 Sources used: openSUSE Backports SLE-15-SP1 (src): cacti-1.2.11-bp151.4.6.1, cacti-spine-1.2.11-bp151.4.6.1