openSUSE Security Update: Security update for cacti ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0663-1 Rating: low References: #1022564 Cross-References: CVE-2014-4000 Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for cacti fixes the following vulnerabilities: - CVE-2014-4000: PHP Object Injection Vulnerabilities (boo#1022564) It also updates cacti to version 1.0.4 to include the latest upstream bugfixes and improvements. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-325=1 - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-325=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (noarch): cacti-1.0.4-14.1 cacti-doc-1.0.4-14.1 - openSUSE Leap 42.1 (noarch): cacti-1.0.4-14.1 cacti-doc-1.0.4-14.1 References: https://www.suse.com/security/cve/CVE-2014-4000.html https://bugzilla.suse.com/1022564