hey will, thanks for the additional info.
On Tue, 2007-01-09 at 01:03 -0500, Will Roberts wrote: > There are other files that can be exploited under certain conditions. > This post in the cacti forum has a list of the affected files: > http://forums.cacti.net/post-87558.html#87558 > > They have also released patches for this, so is there any reason not to > just use the upstream patches that fix all the vulnerabilities that they > found? > > http://cacti.net/download_patches.php > > I apologize if this is out of line, but I too got bitten by this. i've also seen a report in the cacti upstream BTS that the patches in question break certain functionality. could you try applying the patches and figuring out if there's an obvious fix for it? the upstream bug report (about the regression) is: http://bugs.cacti.net/view.php?id=890 i'll be on vacation for another week or so, so if someone hasn't taken charge of this by the middle of next week i should be able to get a fix out. sean
signature.asc
Description: This is a digitally signed message part
