[Git][security-tracker-team/security-tracker][master] Review update for CVE-2024-36467

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
74f8e424 by Salvatore Bonaccorso at 2024-12-01T20:53:21+01:00
Review update for CVE-2024-36467

Changes for 7.0.x branch actually landed in 7.0.2rc1. Adjust the commit
which contain the changes. Adjust version tracking for unstable
accordingly.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -557,18 +557,15 @@ CVE-2024-50942 (qiwen-file v1.4.0 was discovered to contain a SQL injection vuln
 CVE-2024-43784 (lakeFS is an open-source tool that transforms object storage into a Gi ...)
 	NOT-FOR-US: lakeFS
 CVE-2024-36467 (An authenticated user with API access (e.g.: user with default User ro ...)
-	- zabbix 1:7.0.3+dfsg-1 (bug #1088689)
+	- zabbix 1:7.0.2+dfsg-1 (bug #1088689)
 	[bullseye] - zabbix 1:5.0.44+dfsg-1+deb11u1
 	NOTE: https://support.zabbix.com/browse/ZBX-25614
-	NOTE: fixed for 7.0.x in 7.0.3rc1
-	NOTE: fixed by: https://github.com/zabbix/zabbix/commit/cf14d079941a3161dedfc85b9f5c474ed2208c0b (7.0.x)
-	NOTE: fixed by: https://github.com/zabbix/zabbix/commit/f121e22211dc2ba467994e06fabc06fe5f2305c0 (7.0.x)
-	NOTE: fixed for 6.0.x in 6.0.33rc1
-	NOTE: fixed by: https://github.com/zabbix/zabbix/commit/a47ca934e25f73f0c69ec4311938262849fe327a (6.0.x)
-	NOTE: fixed by: https://github.com/zabbix/zabbix/commit/f6f765a8759a5b78024083dc05a04ed1ba6ab841 (6.0.x)
-	NOTE: fixed for 5.0.x in 5.0.43rc1
-	NOTE: fixed by: https://github.com/zabbix/zabbix/commit/93d8e4cf751772538801b3528c223e5d2aac762a (5.0.x)
-	NOTE: fixed by: https://github.com/zabbix/zabbix/commit/c52631928bfb8e65aad552881ab088bd8a1d7f01 (5.0.x)
+	NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/dabb5dd27aa979657a5bd6077716ce60951e1552 (7.0.2rc1)
+	NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/cf14d079941a3161dedfc85b9f5c474ed2208c0b (7.0.2rc1)
+	NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/f6f765a8759a5b78024083dc05a04ed1ba6ab841 (6.0.33rc1)
+	NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/a47ca934e25f73f0c69ec4311938262849fe327a (6.0.33rc1)
+	NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/c52631928bfb8e65aad552881ab088bd8a1d7f01 (5.0.43rc1)
+	NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/93d8e4cf751772538801b3528c223e5d2aac762a (5.0.43rc1)
 CVE-2024-11820 (A vulnerability, which was classified as problematic, has been found i ...)
 	NOT-FOR-US: code-projects Crud Operation System
 CVE-2024-11819 (A vulnerability classified as critical was found in 1000 Projects Port ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74f8e424195d6845083c44621126d38ddf8dcc44

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74f8e424195d6845083c44621126d38ddf8dcc44
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241201/217b37ed/attachment.htm>