An update that fixes four vulnerabilities is now available.
Description:
This update for cacti, cacti-spine fixes the following issues:
cacti 1.2.13:
switch from cron to systemd timers (boo#1115436):
avoid potential root escalation on systems with fs.protected_hardlinks=0
(boo#1154087): handle directory permissions in file section instead
of using chown during post installation
rewrote apache configuration to get rid of .htaccess files and
explicitely disable directory permissions per default (only allow a
limited, well-known set of directories)
This update was imported from the openSUSE:Leap:15.1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
openSUSE Backports SLE-15-SP1:
zypper in -t patch openSUSE-2020-1106=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Backports SLE | 15-SP1 | aarch64 | - opensuse backports sle | < 15-SP1 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):.aarch64.rpm |
openSUSE Backports SLE | 15-SP1 | ppc64le | - opensuse backports sle | < 15-SP1 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm |
openSUSE Backports SLE | 15-SP1 | s390x | - opensuse backports sle | < 15-SP1 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):.s390x.rpm |
openSUSE Backports SLE | 15-SP1 | x86_64 | - opensuse backports sle | < 15-SP1 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):.x86_64.rpm |
openSUSE Backports SLE | 15-SP1 | noarch | - opensuse backports sle | < 15-SP1 (noarch): | - openSUSE Backports SLE-15-SP1 (noarch):.noarch.rpm |