[Git][security-tracker-team/security-tracker][master] Triaging CVE-2024-36466/zabbix
Tobias Frost (@tobi)
tobi at debian.org
Sun Dec 1 17:51:08 GMT 2024
Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b07a99be by Tobias Frost at 2024-12-01T18:49:41+01:00
Triaging CVE-2024-36466/zabbix
Upstream patch, identified by DEV-ticket DEV-3225 mentioned in ZBX-25635.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -385,6 +385,8 @@ CVE-2024-38309 (There are multiple stack-based buffer overflow vulnerabilities i
CVE-2024-36466 (A bug in the code allows an attacker to sign a forged zbx_session cook ...)
- zabbix 1:7.0.1+dfsg-1
NOTE: https://support.zabbix.com/browse/ZBX-25635
+ NOTE: fixed for 6.0.x in 6.0.32rc1
+ NOTE: fixed by: https://github.com/zabbix/zabbix/commit/48e7615d1e1e3a5f543505cc6cb0a5564a655b58 (6.0.x)
CVE-2024-11933 (Fuji Electric Monitouch V-SFT X1 File Parsing Heap-based Buffer Overfl ...)
NOT-FOR-US: Fuji
CVE-2024-11925 (The JobSearch WP Job Board plugin for WordPress is vulnerable to privi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b07a99bef6f2343dcb7eed89cba5897d47a5e0d0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b07a99bef6f2343dcb7eed89cba5897d47a5e0d0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241201/c4da313a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list