latest version: 0.8.8b
 
 Cacti (home)ForumsRepositoryDocumentation

Cacti: The complete RRDTool-based graphing solution.
 
Latest Files
cacti-0.8.8b.tar.gz...
cacti-0.8.8b.zip...

Information
What is Cacti?
Features
Changelog
Screen Shots

Downloads
Download Cacti
Official Patches
Additional Scripts

Spine (Cactid)
Information
Changelog
Download
Official Patches
Installation

Development
Road Map
SourceForge
SVN Repository
Browse SVN
Report a Bug

Support
Documentation
Forums
Mailing Lists
FAQ

Donate
Support Cacti
Contributers

Release Notes - 0.8.7f

Important Security Fixes

  • SQL injection and shell escaping issues reported by Bonsai Information Security (http://www.bonsai-sec.com)
  • Cross-site scripting issues reported by VUPEN Security (http://www.vupen.com)
  • MOPS-2010-023: Cacti Graph Viewer SQL Injection Vulnerability (http://php-security.org)

Important Bug Fixes and Features

There are quite a few bug fixes in the 0.8.7f release. Some highlights include:

  • Fixed various issues with exporting and importing templates that contain special characters
  • Fixed condition that could cause RRDtool to segfault
  • Many fixes to html generation and presentation

Important Notices

  • Boost 4.0 Plugin is required to work with Cacti 0.8.7f

Changelog

security: SQL injection and shell escaping issues reported by Bonsai Information Security (http://www.bonsai-sec.com)
security: Cross-site scripting issues reported by VUPEN Security (http://www.vupen.com)
security: MOPS-2010-023: Cacti Graph Viewer SQL Injection Vulnerability (http://php-security.org)
bug#0001125: XML parse error on template import with degree symbol
bug#0001311: Access denied for graph-only users when accessing index.php directly
bug#0001366: Exported data templates do not import special characters properly
bug#0001416: Graph Export fails with EXPORT FATAL ERROR: Export path /some/path/root/export is within a system path /root. Can not continue.
bug#0001452: Missing "<" and ">" in "Collection Methods=>Data Input Methods=>"Input String" after importing template
bug#0001461: Data query export/import fails
bug#0001492: RRDTool 1.3 series fonts (fontconfig) support
bug#0001506: Reindexing fails due to global include issue in lib/snmp.php
bug#0001522: Special characters break parsing of template data
bug#0001524: Export graphs and Classical Presentation does not honor per graph export rules
bug#0001528: ICMP Ping availabilty broken in UI for Windows Servers using IIS
bug#0001535: No display of parent ID in tree nodes for CLI tree add script
bug#0001543: All graphs are exported dispite graph export rules
bug#0001549: Function array_to_sql_or creates poor sql where clauses
bug#0001557: Quotes in Text Format graph template field break graph rendering
bug#0001587: 64bit HEX Strings don't convert to Decimal on 32bit Systems
bug#0001604: HEX Counter values enclosed in quotes not recognized as HEX
bug#0001609: Script server timeout too aggressive with 10 second poller interval
bug#0001628: Inconsistent message for Change SNMP Options related to available buttons
bug#0001695: Suppress deprecated warnings in Cacti code
bug#0001725: PHP Fatal Error while trying to add a tree node via cli
bug: When creating new graphs without a data source, print error to user instead of throwing php error
bug: Browser query string does not contain arguments
bug: Function inject_form_variables does not operate if more than 1 variable needs replacing
bug: Script imposed memory limits cause issues with some scripts
bug: Turn off process leveling if there are not enough poller items to substantiate it
bug: Add device should allow no-snmp type devices
bug: Firefox Autocomplete causes issues with password validation
bug: Access Denied messages don't allow re-direction to login page
bug: When clearing filter on new-graphs don't clear host or template
bug: When clearing filter, reset page to 1 for all queries
bug: Graph List selectors do not persist between pages
bug: allow empty [upper|lower]_limit even without autoscaling
bug: Availability method Ping or SNMP generates meaningless warnings
feature: Add logging to SQL Save error handling
feature: Add utility to convert database to InnoDB
feature: Return nav as the title for the page
feature: Detect and correct for RRDtool segfaults
feature: Add rra_id for hosts and graphs to be used during tree export
feature: Make the Graphs pages render like the rest of Cacti
feature: Convert base Cacti UI to use buttons and not images
feature: Make poller sane so that it can be used by other cacti processes
feature: Add snmp timeout warnings for lib/snmp.php
 
 
 
Copyright © 2004-2012 The Cacti Group, Inc. - Cacti is the registered trademark The Cacti Group, Inc.


PHP      RRDTool