[arch-commits] Commit in cacti/trunk (PKGBUILD cacti-1.2.16-CVE-2020-35701.patch)
David Runge
dvzrv at archlinux.org
Fri May 14 18:07:19 UTC 2021
Date: Friday, May 14, 2021 @ 18:07:19
Author: dvzrv
Revision: 934290
upgpkg: cacti 1.2.17-1: Upgrade to 1.2.17.
Remove now included patch for CVE-2020-35701.
Modified:
cacti/trunk/PKGBUILD
Deleted:
cacti/trunk/cacti-1.2.16-CVE-2020-35701.patch
-----------------------------------+
PKGBUILD | 13 ++++---------
cacti-1.2.16-CVE-2020-35701.patch | 22 ----------------------
2 files changed, 4 insertions(+), 31 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-05-14 18:06:44 UTC (rev 934289)
+++ PKGBUILD 2021-05-14 18:07:19 UTC (rev 934290)
@@ -3,8 +3,8 @@
# Contributor: tuxbubling <tuxbubling at jabber.fr>
pkgname=cacti
-pkgver=1.2.16
-pkgrel=3
+pkgver=1.2.17
+pkgrel=1
pkgdesc="Network graphing solution using RRDTool"
arch=('any')
url="https://www.cacti.net"
@@ -17,18 +17,15 @@
backup=('etc/webapps/cacti/.htaccess'
'etc/webapps/cacti/config.php')
source=("https://www.${pkgname}.net/downloads/${pkgname}-${pkgver}.tar.gz"
- "${pkgname}-1.2.16-CVE-2020-35701.patch"
"${pkgname}.uwsgi"
"${pkgname}.sysusers"
"${pkgname}.tmpfiles")
install="${pkgname}.install"
-sha512sums=('fe22acf4dea8ab6ec79825d66a84ad4c43fdce2815e7327536d182bc04400ed7b1d268209bbbca8b307c4779ee5bf7369a617ec1f052d8805757c2ca9b30cc35'
- '8c193f52e5478e12f93152356bce085ed7468b1e19657ae92150bb1eee662020fc4f89d5b7aa507465b82b5224834fd78eaa4389e6007136e1fc7df6e7f115a6'
+sha512sums=('94ae75b2494a91c536906c7bbeaa948d16c7ad96ed3a62c1eb21175f92c01787c6849960bbc791e04b3df46edbfd3cd787eb825bb423ce0814c0904edb2c915d'
'ba421785a3a86535dba210b5ac34ad059fac72b809a9027308d047a967de43aa204eda56e129b28f6400859427de123734b338c5d8cd3da1944893fa3ef33e48'
'847e2b791de44d0790a2fdb81c77c8af9a66da9d44500f3f8a8d1c0f406d3a20082cc8fef1c6afe4de93ad989d35c79c9809abe14693a9ac6ea74d4696e3b6c1'
'e833e411f74e77773c32589ba83cb1b2f28ca9b35931626480ab7daa63420d47ecfc3061e6703323646b69e1d98536b6f3afdd36faa483fb13aac9b818af0c6e')
-b2sums=('19939d0ff79c895b481aeb7ffec8331d8b9c10a6b7e0dbda6532e06ef0322f21cf02f4bf53a9522e1f672dd04b343f5550e2f34f08b3af2050e1f72465cffc43'
- 'a64a7ef5de93c2906c9fa5c713bf87e451eeaed297efd67b514fa47fdf11262a39d96f8e1be8bfd7c04fa74d31f830f826bcfd3a71a8230ec7454e360f7540bd'
+b2sums=('e555fc99560d10e94181c38b50e6f839532fb3dc66ff688b36a7efd10c15304e7636c9b4b483763fcea751317bcb283bb2bd8f813d5759c98aed6bbf02fd256a'
'880cfc1a87abd95a624ffef6f1ae5ac416b4020ae40edc32355314bb33b5003b21ab8ed082b520d70b166739a1b056339cca7b6a6bb82167c14925ae3ca0d34f'
'2ec9956b690ab9244e31a58d295ab56b5d0df9fc9586c74edbd55c12d3383430b8a1a8a708d7d747abadb67eee42094562da510ddfc7797978c2683e7b86a252'
'0a532bbbd07b21da18ea21eec3f268510740069fb732e3d387f224b93f0539e3e968ba6332bf647ff62f2d98910abc33e35a3e82d335cf7d29a503609e22651f')
@@ -37,8 +34,6 @@
# adding default .htaccess
echo "Require all denied" > "${pkgname}-htaccess"
cd "${pkgname}-${pkgver}"
- # fix CVE-2020-35701: https://bugs.archlinux.org/task/69300
- patch -Np1 -i "../${pkgname}-1.2.16-CVE-2020-35701.patch"
# setting correct install path for spine
sed -e 's|/usr/local/spine/bin/spine|/usr/bin/spine|g' \
-i install/functions.php
Deleted: cacti-1.2.16-CVE-2020-35701.patch
===================================================================
--- cacti-1.2.16-CVE-2020-35701.patch 2021-05-14 18:06:44 UTC (rev 934289)
+++ cacti-1.2.16-CVE-2020-35701.patch 2021-05-14 18:07:19 UTC (rev 934290)
@@ -1,22 +0,0 @@
-diff --git a/data_debug.php b/data_debug.php
-index 1bbed6a0a..a7ffe0829 100644
---- a/data_debug.php
-+++ b/data_debug.php
-@@ -35,6 +35,8 @@
-
- set_default_action();
-
-+validate_request_vars();
-+
- switch (get_request_var('action')) {
- case 'actions':
- form_actions();
-@@ -123,8 +125,6 @@
-
- break;
- default:
-- validate_request_vars();
--
- $refresh = array(
- 'seconds' => get_request_var('refresh'),
- 'page' => 'data_debug.php?header=false',
More information about the arch-commits
mailing list