From 649406ea2c081dbb7216af115d73d41a9b54e171 Mon Sep 17 00:00:00 2001
From: Neil Williams <codehelp@debian.org>
Date: Wed, 26 Jan 2022 10:46:51 +0000
Subject: CVE-2021-26247/cacti

Upstream included this fix in the same issue & commit for CVE-2021-3816
---
 data/CVE/2021.list | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index f3d488b709..a6449a2d97 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -10234,7 +10234,10 @@ CVE-2021-42554
 CVE-2021-3892
 	REJECTED
 CVE-2021-26247 (As an unauthenticated remote user, visit "http://&lt;CACTI_SERVER&gt;/ ...)
-	TODO: check
+	- cacti 1.2.1+ds1-1
+	NOTE: Addressed as a side-note in the same issue and fix for CVE-2021-3816
+	NOTE: https://github.com/Cacti/cacti/issues/1882
+	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/2b8097c06030ab72c5b3bdadb23dceb5332f0e94 (1.2.0-beta1)
 CVE-2021-23225 (Cacti 1.1.38 allows authenticated users with User Management permissio ...)
 	- cacti 1.2.1+ds1-1
 	NOTE: https://github.com/Cacti/cacti/issues/1882
-- 
cgit v1.2.3