latest version: 0.8.8c
 
 Cacti (home)ForumsRepositoryDocumentation

Cacti: The complete RRDTool-based graphing solution.
 
Latest Files
cacti-0.8.8c.tar.gz...
cacti-0.8.8c.zip...

Information
What is Cacti?
Features
Changelog
Screen Shots

Downloads
Download Cacti
Official Patches

Spine (Cactid)
Information
Changelog
Download
Official Patches
Installation

Development
Road Map
SourceForge
SVN Repository
Browse SVN
Report a Bug

Support
Documentation
Forums
Mailing Lists
FAQ

Donate
Support Cacti
Contributers

Release Notes - 0.8.7b

Important Security Fixes

Multiple security vulnerabilities have been discovered in Cacti's web interface:

  • XSS vulnerabilities
  • Path disclosure vulnerabilities
  • SQL injection vulnerabilities
  • HTTP response splitting vulnerabilities

It is highly recommended that all users upgrade immediately. For users whom are unable to upgrade, two different patches have been provided.

Important Bug Fixes

A few minor bugs have been fixed in this release. See the changelog below for complete details.

Upgrade Notes

No SQL changes have been made in this release.

Changelog

bug#0000855: Unnecessary (and faulty) DEF generation for CF:AVERAGE
bug#0001083: Small visual fix for Cacti in "View Cacti Log File"
bug#0001089: Graph xport modification to increase default rows output
bug#0001091: Poller incorrectly identifies unique hosts
bug#0001093: CLI Scripts bring MySQL down on large installations
bug#0001094: Filtering broken on Data Sources page
bug#0001103: Fix looping poller recache events
bug#0001107: ss_fping.php 100% "Pkt Loss" does not work properly
bug#0001114: Graphs with no template and/or no host cause filtering errors on Graph Management page
bug#0001115: View Poller Cache does not show Data Sources that have no host
bug#0001118: Graph Generation fails if e.g. ifDescr contains some blanks
bug#0001132: TCP/UDP ping port ignored
bug#0001133: Downed Device Detection: None leads to database errors
bug#0001134: update_host_status handles ping_availability incorrectly
bug#0001143: "U" not allowed as min/max RRD value
bug#0001158: Deleted user causes error on user log viewer
bug#0001161: Re-assign duplicate radio button IDs
bug#0001164: Add HTML title attributes for certain pages
bug#0001168: ALL_DATA_SOURCES_NODUPS includes DUPs? SIMILAR_DATA_SOURCES_DUPS is available again
bug: Cacti does not guarentee RRA consolidation functions exist in RRA's
bug: Alert on changing logarithmic scaling removed
bug: add_hosts.php did not accept privacy protocol
security: Fix several security vulnerabilities
feature: show basic RRDtool graph options on Graph Template edit
feature: Add additional logging to Graph Xport
feature: Add rows dropdown to devices, graphs and data sources
feature: Add device_id and event count to devices
feature: Add ids to devices, graphs and data sources pages
feature: Add database repair utility
 
 
 
Copyright © 2004-2012 The Cacti Group, Inc. - Cacti is the registered trademark The Cacti Group, Inc.


PHP      RRDTool