[Git][security-tracker-team/security-tracker][master] Add links to patches for CVE-2023-29450/zabbix

Tobias Frost (@tobi) tobi at debian.org
Fri Aug 11 09:38:59 BST 2023



Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ffcfffec by Tobias Frost at 2023-08-11T10:38:36+02:00
Add links to patches for CVE-2023-29450/zabbix

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16818,6 +16818,8 @@ CVE-2023-29451 (Specially crafted string can cause a buffer overrun in the JSON
 CVE-2023-29450 (JavaScript pre-processing can be used by the attacker to gain access t ...)
 	- zabbix <unfixed>
 	NOTE: https://support.zabbix.com/browse/ZBX-22588
+	NOTE: Patch for 5.0.32rc1: https://github.com/zabbix/zabbix/commit/c3f1543e4
+	NOTE: Patch for 6.0.14rc2: https://github.com/zabbix/zabbix/commit/76f6a80cb
 CVE-2023-29449 (JavaScript preprocessing, webhooks and global scripts can cause uncont ...)
 	- zabbix <unfixed>
 	[buster] - zabbix <not-affected> (vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffcfffec048a36ea8886e04511bfea1301a09da0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffcfffec048a36ea8886e04511bfea1301a09da0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230811/fd00fd42/attachment.htm>


More information about the debian-security-tracker-commits mailing list