[Git][security-tracker-team/security-tracker][master] Reserve DLA-3798-1 for zabbix

Sun Apr 28 19:39:04 BST 2024


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2f60305a by Adrian Bunk at 2024-04-28T21:38:34+03:00
Reserve DLA-3798-1 for zabbix

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -119630,8 +119630,8 @@ CVE-2022-40627
 	RESERVED
 CVE-2022-40626 (An unauthenticated user can create a link with reflected Javascript co ...)
 	- zabbix 1:6.0.7+dfsg-2
-	[bullseye] - zabbix  <not-affected> (Vulnerable code introduced later)
-	[buster] - zabbix  <not-affected> (Vulnerable code introduced later)
+	[bullseye] - zabbix <not-affected> (Vulnerable code introduced later)
+	[buster] - zabbix <not-affected> (Vulnerable code introduced later)
 	NOTE: https://support.zabbix.com/browse/ZBX-21350
 	NOTE: Introduced by: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/e4000620f1f427cc8df02914125b3b985ad797dc (6.0.0beta3)
 	NOTE: Introduced by: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/56d8343c34c83ac727ab6250c7eb9e6d682b5b1c (6.0.0beta3)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Apr 2024] DLA-3798-1 zabbix - security update
+	{CVE-2024-22119}
+	[buster] - zabbix 1:4.0.4+dfsg-1+deb10u5
 [28 Apr 2024] DLA-3797-1 frr - security update
 	{CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37035 CVE-2023-38406 CVE-2023-38407 CVE-2023-46752 CVE-2023-46753 CVE-2023-47234 CVE-2023-47235 CVE-2024-31948 CVE-2024-31949}
 	[buster] - frr 7.5.1-1.1+deb10u2


=====================================
data/dla-needed.txt
=====================================
@@ -327,9 +327,6 @@ wordpress
   NOTE: 20240314: Several CVEs fixed in LTS remain unfixed (no-dsa) in bullseye and
   NOTE: 20240314: bookwork. Uploads to spu and ospu should be coordinated. (roberto)
 --
-zabbix (Adrian Bunk)
-  NOTE: 20240212: Added by Front-Desk (utkarsh)
---
 zookeeper
   NOTE: 20240324: Added by Front-Desk (ta)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f60305ac193975bfef12579e0db4fa9b9388d38

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f60305ac193975bfef12579e0db4fa9b9388d38
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240428/358465aa/attachment.htm>
