Debian 9858 Published by

The following two updates has been released for Debian:

[DLA 374-2] cacti regression update
[DLA 376-1] mono security update



[DLA 374-2] cacti regression update

Package : cacti
Version : 0.8.7g-1+squeeze9+deb6u12

It was discovered that there was a regression in the patch intended to fix
CVE-2015-8369 in the recent upload of cacti 0.8.7g-1+squeeze9+deb6u11.

For Debian 6 Squeeze, this issue has been fixed in cacti version
0.8.7g-1+squeeze9+deb6u12.

[DLA 376-1] mono security update

Package : mono
Version : 2.6.7-5.1+deb6u2
CVE ID : CVE-2009-0689

Mono's string-to-double parser may crash, on specially crafted input. This
could theoretically lead to arbitrary code execution.

This issue has been fixed in Debian 6 Squeeze with the version
2.6.7-5.1+deb6u2 of mono. We recommend that you upgrade your
mono packages.