[Git][security-tracker-team/security-tracker][master] Triaging CVE-2024-42326/zabbix

Tobias Frost (@tobi) tobi at debian.org
Mon Dec 2 17:25:27 GMT 2024



Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bfd5083b by Tobias Frost at 2024-12-02T18:21:00+01:00
Triaging CVE-2024-42326/zabbix

ZBX-25622 -> DEV-3940

Fixed upstream in 7.0.4rc1 (first Debian upload 1:7.0.5-1)

Merge-Commit: https://github.com/zabbix/zabbix/commit/e82c5941242edc9f4a96e101caaf27e106f73f47

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -567,8 +567,9 @@ CVE-2024-42327 (A non-admin user account on the Zabbix frontend with the default
 	NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/9256f8d933a50a468ae36e7a40301aa761941612 (7.0.1rc1)
 	NOTE: Fixed by (merge commit): https://github.com/zabbix/zabbix/commit/39ff97dbf6f229a1b9c4f38db061aa73dd680828 (6.0.32rc1)
 CVE-2024-42326 (There was discovered a use after free bug in browser.c in the es_brows ...)
-	- zabbix <unfixed> (bug #1088689)
+	- zabbix 1:7.0.5+dfsg-1 (bug #1088689)
 	NOTE: https://support.zabbix.com/browse/ZBX-25622
+	NOTE: Fixed by (merge commit) https://github.com/zabbix/zabbix/commit/e82c5941242edc9f4a96e101caaf27e106f73f47 (7.0.4rc1)
 CVE-2024-41126 (Contiki-NG is an open-source, cross-platform operating system for IoT  ...)
 	NOT-FOR-US: Contiki-NG
 CVE-2024-41125 (Contiki-NG is an open-source, cross-platform operating system for IoT  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfd5083bf59fc24c595c8567ab86435f74d981be

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bfd5083bf59fc24c595c8567ab86435f74d981be
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241202/4bc2026b/attachment.htm>


More information about the debian-security-tracker-commits mailing list