Cacti® - The Complete RRDTool-based Graphing Solution

latest version: 1.1.30

Cacti: The complete RRDTool-based graphing solution.

Information
What is Cacti?
Features
Changelog

Downloads
Cacti
Spine

Development
Support Cacti
Report an Issue
GitHub

Support
Documentation
Forums
Mailing Lists
FAQ

Spine
Information
Changelog

Release Notes - 0.8.6j

Important Security Fixes

Multiple security vulnerabilities have been discovered in Cacti's PHP-based poller. See below for additional information.

CVE-2006-6799: Cacti Command Execution and SQL Injection Vulnerabilities

It is highly recommended that all users upgrade immediately. For users whom are unable to upgrade, two different patches have been provided.

for users of 0.8.6i: Download the patch for the poller and the default scripts.
for users of 0.8.6h: Download the patch for the poller and the default scripts.

Important Bug Fixes

A few minor bugs have been fixed in this release. See the changelog below for complete details.

Upgrade Notes

No SQL changes have been made in this release.

Changelog

bug#0000842: SNMPv3 password field does not check if entered passwords match.
bug#0000848: Fix "PHP Script Server communications lost" error in the poller under high network load.
bug#0000859: User log "purge" now keeps the last successful login.
bug#0000861: Use downed host detection even when the SNMP community is blank.
bug#0000864: Apply natural sort to graph items in the tree.
bug#0000867: Apply various cleanups to poller.php and lib/poller.php.
bug#0000870: Add sorting to the graph templates list on the "Change Graph Template" page.
bug#0000877: Fix issue that caused PHP 5.2.0 to break the Windows cmd.php poller.
bug#0000882: Add "collapsible" branches to the graph tree editor.
bug#0000883: Fix exploit in cmd.php with register_argc_argv enabled in PHP.
bug#0000884: Add bottom navigation bar to graph viewing.
bug#0000885: Fix issue causing spaces to be removed when importing/exporting data input methods.
bug#0000886: Allow SNMP ping to utilize the snmpgetnext call instead of snmpget.
bug#0000890: Fix issue with dec-vulnerability-poller patch breaking graph_view.php.
bug#0000892: Fix hostname sorting on the devices page for IP addresses.
bug#0000894: poller.php does not give any output with MySQL disabled in CLI's php.ini.
bug: Template export produces invalid XML escaped character encoding.
bug: Data queries were not sorted properly during initial display.
bug: Apply various graph changes required for Boost plugin.
bug: If your system has no hosts or graphs, you would get a warning when creating new graphs.
bug: If using the CGI version of PHP, the script server risked not starting properly.