stable

cacti-1.2.30-1.el9 and cacti-spine-1.2.30-1.el9

FEDORA-EPEL-2025-19d7286f00 created by carlwgeorge 8 months ago for Fedora EPEL 9

Update cacti and cacti-spine to version 1.2.30. This includes the upstream fixes for many CVEs, including several remote code execution bugs.

This update's test gating status has been changed to 'waiting'.

8 months ago

This update has been submitted for testing by bodhi.

8 months ago

This update's test gating status has been changed to 'ignored'.

8 months ago

carlwgeorge edited this update.

8 months ago

This update has been pushed to testing.

8 months ago

This update has been submitted for stable by bodhi.

8 months ago

This update has been pushed to stable.

8 months ago
User Icon k3nn13 commented & provided feedback 8 months ago

After installing the new packages, i got an error: Fatal, not able to connect to cacti database. If found a fix/workaround.

In the /usr/share/cacti/include directory there was a link for config.php.dist to /etc/cacti/db.php but not a symlink for config.php. After i added the symlink for config.php to /etc/cacti/db.php the upgrade was possible

Please log in to add feedback.

Metadata
Type
security
Severity
urgent
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
8 months ago
in testing
8 months ago
in stable
8 months ago
modified
8 months ago
approved
8 months ago
Builds
2
cacti-1.2.30-1.el9
cacti-spine-1.2.30-1.el9
BZ#2317099 CVE-2024-43363 cacti: Remote code execution via Log Poisoning in Cacti [epel-9]
0
0
BZ#2317102 CVE-2024-43362 cacti: Stored Cross-site Scripting (XSS) when creating external links in Cacti [epel-9]
0
0
BZ#2317106 CVE-2024-43364 cacti: Stored Cross-site Scripting (XSS) when creating external links in Cacti [epel-9]
0
0
BZ#2317110 CVE-2024-43365 cacti: Stored Cross-site Scripting (XSS) when creating external links in Cacti [epel-9]
0
0
BZ#2342334 CVE-2024-45598 cacti: Cacti has a Local File Inclusion (LFI) Vulnerability via Poller Standard Error Log Path [epel-9]
0
0
BZ#2342340 CVE-2025-24367 cacti: Cacti allows Arbitrary File Creation leading to RCE [epel-9]
0
0
BZ#2342355 CVE-2025-24368 cacti: Cacti has a SQL Injection vulnerability when using tree rules through Automation API [epel-9]
0
0
BZ#2342358 CVE-2025-22604 cacti: Cacti has Authenticated RCE via multi-line SNMP responses [epel-9]
0
0
BZ#2342360 CVE-2024-54146 cacti: Cacti has a SQL Injection vulnerability when view host template [epel-9]
0
0
BZ#2342362 CVE-2024-54145 cacti: Cacti has a SQL Injection vulnerability when request automation devices [epel-9]
0
0
BZ#2345161 CVE-2025-26520 cacti: SQL Injection in Cacti [epel-9]
0
0
cacti-1.2.30-1.el9
cacti-spine-1.2.30-1.el9

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 25.11.2 on bodhi-web-13-89lkh.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy