cacti (1.2.16+ds1-2) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/cacti-team/cacti.git
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: master
Path: debian/changelog
Browser: https://salsa.debian.org/cacti-team/cacti
Last scan: 2021-05-07 15:25:12+00
Next scan: 2021-05-16 05:28:00+00
CI pipeline status: failed

Debian changelog in Git:

cacti (1.2.16+ds1-2) unstable; urgency=medium

  * Add 0001-Fixing-Issue-4022.patch (Closes: #979998)
    - CVE-2020-35701: SQL injection via data_debug.php
  * Add 0001-Fixing-Issue-4019.patch
    There are a few places in the current code where an attacker, once
    having gained access to the Cacti database through a SQL injection,
    could modify data in tables to possibly expose an stored XSS bug in
    Cacti.

 -- Paul Gevers <elbrus@debian.org>  Sun, 17 Jan 2021 21:26:01 +0100

This branch is even with tag debian/1.2.16+ds1-2