Index: net-mgmt/cacti/Makefile
===================================================================
--- net-mgmt/cacti/Makefile
+++ net-mgmt/cacti/Makefile
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	cacti
-PORTVERSION=	1.1.27
+PORTVERSION=	1.1.28
 CATEGORIES=	net-mgmt www
 MASTER_SITES=	http://www.cacti.net/downloads/ \
 		ftp://ftpmirror.uk/freebsd-ports/cacti/
Index: net-mgmt/cacti/distinfo
===================================================================
--- net-mgmt/cacti/distinfo
+++ net-mgmt/cacti/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1508833051
-SHA256 (cacti-1.1.27.tar.gz) = b4a5aa2a772aff7eb5abae31d07ed86a1c00300094d3c3c63091554fbb0deea9
-SIZE (cacti-1.1.27.tar.gz) = 8947294
+TIMESTAMP = 1511103203
+SHA256 (cacti-1.1.28.tar.gz) = bc745e10c483512cb882a5858075ee8286dcf3abfc275e8212a7921135e4a2f9
+SIZE (cacti-1.1.28.tar.gz) = 8953179
Index: net-mgmt/cacti/pkg-plist
===================================================================
--- net-mgmt/cacti/pkg-plist
+++ net-mgmt/cacti/pkg-plist
@@ -442,7 +442,6 @@
 %%CACTIDIR%%/include/phpmailer/language/phpmailer.lang-ru.php
 %%CACTIDIR%%/include/phpmailer/language/phpmailer.lang-sk.php
 %%CACTIDIR%%/include/phpmailer/language/phpmailer.lang-sl.php
-%%CACTIDIR%%/include/phpmailer/language/phpmailer.lang-sr.php
 %%CACTIDIR%%/include/phpmailer/language/phpmailer.lang-sv.php
 %%CACTIDIR%%/include/phpmailer/language/phpmailer.lang-tr.php
 %%CACTIDIR%%/include/phpmailer/language/phpmailer.lang-uk.php
@@ -1098,6 +1097,7 @@
 %%CACTIDIR%%/install/upgrades/1_1_17.php
 %%CACTIDIR%%/install/upgrades/1_1_20.php
 %%CACTIDIR%%/install/upgrades/1_1_26.php
+%%CACTIDIR%%/install/upgrades/1_1_28.php
 %%CACTIDIR%%/install/upgrades/index.php
 %%CACTIDIR%%/lib/aggregate.php
 %%CACTIDIR%%/lib/api_aggregate.php
Index: security/vuxml/vuln.xml
===================================================================
--- security/vuxml/vuln.xml
+++ security/vuxml/vuln.xml
@@ -58,6 +58,39 @@
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="db570002-ce06-11e7-804e-c85b763a2f96">
+    <topic>cacti -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>cacti</name>
+	<range><lt>1.1.28</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>cacti reports:</p>
+	<blockquote cite="https://www.cacti.net/release_notes.php?version=1.1.28">
+	  <p>Changelog</p>
+	    <p>issue#1057: CVE-2017-16641 - Potential vulnerability in RRDtool functions</p>
+	    <p>issue#1066: CVE-2017-16660 in remote_agent.php logging function</p>
+	    <p>issue#1066: CVE-2017-16661 in view log file</p>
+	    <p>issue#1071: CVE-2017-16785 in global_session.php Reflection XSS</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2017-16641</cvename>
+      <cvename>CVE-2017-16660</cvename>
+      <cvename>CVE-2017-16661</cvename>
+      <cvename>CVE-2017-16785</cvename>
+      <url>https://sourceforge.net/p/cacti/mailman/message/36122745/</url>
+    </references>
+    <dates>
+      <discovery>2017-11-01</discovery>
+      <entry>2017-11-20</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="298829e2-ccce-11e7-92e4-000c29649f92">
     <topic>mediawiki -- multiple vulnerabilities</topic>
     <affects>