You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe
WHen upgrading Cacti by overwriting the Cacti files directly from the zip/tar archive, any existing files/libraries, which are not being used anymore, will still exist. Examples are the old phpsnmp, phpgettext,phpmailer libraries, which have been moved from the include to the include/vendor sub-directory.
This poses a potential security issue as these libraries still exsit and will not be updated to the latest version.
Describe the solution you'd like
During the Upgrade process, the installer should highlight these left-over files/directories and ask for their removal ( or if possible remove them ). A CLI and/or a Utility function on the web-interface should be available to highlight these files as well.
THe Resource-Cache needs to be cleaned accordingly.
Describe alternatives you've considered
At least a notification should note that files or directories have been changed.
Alternative for an upgrade is to do a clean install in a a new directory and migrating over any plugins/themes/scripts ... manually.
Additional context
Example:
Cacti 1.1.28 has phpmailer 5.2.26 in the include directory
Cacti 1.2.25 has phpmailer 6.1.8 in the include/vendor sub-directory.
Upgrading Cacti 1.1.28 to Cacti 1.2.25 results on both phpmailer versions existing in different version on different paths, with the older phpmailer not being updated anymore.
The text was updated successfully, but these errors were encountered:
The issue with this, is that we are not always in control of the locations and versions of vendor packages. Therefore, what may be considered outdated on one system, may be the latest available on another. Even advising this to the system admin as a suggestion for removal would potentially break things on those systems.
Feature Request
Is your feature request related to a problem? Please describe
WHen upgrading Cacti by overwriting the Cacti files directly from the zip/tar archive, any existing files/libraries, which are not being used anymore, will still exist. Examples are the old phpsnmp, phpgettext,phpmailer libraries, which have been moved from the include to the include/vendor sub-directory.
This poses a potential security issue as these libraries still exsit and will not be updated to the latest version.
Describe the solution you'd like
During the Upgrade process, the installer should highlight these left-over files/directories and ask for their removal ( or if possible remove them ). A CLI and/or a Utility function on the web-interface should be available to highlight these files as well.
THe Resource-Cache needs to be cleaned accordingly.
Describe alternatives you've considered
At least a notification should note that files or directories have been changed.
Alternative for an upgrade is to do a clean install in a a new directory and migrating over any plugins/themes/scripts ... manually.
Additional context
Example:
Cacti 1.1.28 has phpmailer 5.2.26 in the include directory
Cacti 1.2.25 has phpmailer 6.1.8 in the include/vendor sub-directory.
Upgrading Cacti 1.1.28 to Cacti 1.2.25 results on both phpmailer versions existing in different version on different paths, with the older phpmailer not being updated anymore.
The text was updated successfully, but these errors were encountered: