[Git][security-tracker-team/security-tracker][master] Add links to patches for CVE-2023-29450/zabbix
Tobias Frost (@tobi)
tobi at debian.org
Fri Aug 11 09:38:59 BST 2023
Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ffcfffec by Tobias Frost at 2023-08-11T10:38:36+02:00
Add links to patches for CVE-2023-29450/zabbix
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16818,6 +16818,8 @@ CVE-2023-29451 (Specially crafted string can cause a buffer overrun in the JSON
CVE-2023-29450 (JavaScript pre-processing can be used by the attacker to gain access t ...)
- zabbix <unfixed>
NOTE: https://support.zabbix.com/browse/ZBX-22588
+ NOTE: Patch for 5.0.32rc1: https://github.com/zabbix/zabbix/commit/c3f1543e4
+ NOTE: Patch for 6.0.14rc2: https://github.com/zabbix/zabbix/commit/76f6a80cb
CVE-2023-29449 (JavaScript preprocessing, webhooks and global scripts can cause uncont ...)
- zabbix <unfixed>
[buster] - zabbix <not-affected> (vulnerable code introduced later)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffcfffec048a36ea8886e04511bfea1301a09da0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffcfffec048a36ea8886e04511bfea1301a09da0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230811/fd00fd42/attachment.htm>
More information about the debian-security-tracker-commits
mailing list