[Git][security-tracker-team/security-tracker][master] Triaging CVE-2024-42333/zabbix

[Tobias Frost (@tobi)]

Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c1f7eddd by Tobias Frost at 2024-12-02T18:09:07+01:00
Triaging CVE-2024-42333/zabbix

ZBX-25629 -> DEV-3943

Fixed upstream in 7.0.4rc1
(Debian 1:7.0.5+dfsg-1)

Commit: https://github.com/zabbix/zabbix/commit/72d2ce61872fcbace8f8dfdabc0568c99980989d

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -538,8 +538,10 @@ CVE-2024-46055 (OpenVidReview 1.0 is vulnerable to Cross Site Scripting (XSS) in
 CVE-2024-46054 (OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /uplo ...)
 	NOT-FOR-US: OpenVidReview
 CVE-2024-42333 (The researcher is showing that it is possible to leak a small amount o ...)
-	- zabbix <unfixed> (bug #1088689)
+	- zabbix 1:7.0.5+dfsg-1 (bug #1088689)
 	NOTE: https://support.zabbix.com/browse/ZBX-25629
+	NOTE: fixed by https://github.com/zabbix/zabbix/commit/72d2ce61872fcbace8f8dfdabc0568c99980989d (7.0.4rc1)
+	NOTE: fixed by (merge commit) https://github.com/zabbix/zabbix/commit/c539a227623343187d9907186bce7c9c3bc57a52 (6.0.35rc1)
 CVE-2024-42332 (The researcher is showing that due to the way the SNMP trap log is par ...)
 	- zabbix 1:7.0.5+dfsg-1 (bug #1088689)
 	NOTE: https://support.zabbix.com/browse/ZBX-25628



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1f7eddd9549eb3e656d2a33e5fddff46d3f45fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1f7eddd9549eb3e656d2a33e5fddff46d3f45fd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241202/ed14f4f8/attachment.htm>