[Git][security-tracker-team/security-tracker][master] CVE-2024-22122/zabbix located patches

[Tobias Frost (@tobi)]

Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f1bc6ce6 by Tobias Frost at 2024-09-16T21:08:50+02:00
CVE-2024-22122/zabbix located patches

determined by upstream ticket ZBX-25012, matched to git commit message,
uncovers dev-ticket DEV-3120 for the issue; git-tag --grep DEV-3120
reveals commits.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8306,6 +8306,9 @@ CVE-2024-22123 (Setting SMS media allows to set GSM modem file. Later this file
 CVE-2024-22122 (Zabbix allows to configure SMS notifications. AT command injection occ ...)
 	- zabbix 1:7.0.0+dfsg-1 (bug #1078553)
 	NOTE: https://support.zabbix.com/browse/ZBX-25012
+	NOTE: https://github.com/zabbix/zabbix/commit/9923c7dea89e19318621788df07dc7572a2528be (7.0.x)
+	NOTE: https://github.com/zabbix/zabbix/commit/2cd64d3522fe974f21487ce1606d65e10eea7bae (6.0.x)
+	NOTE: https://github.com/zabbix/zabbix/commit/5a41f3036dd47d7c196dbfc97c9923eca6f51094 (5.0.x)
 CVE-2024-22121 (A non-admin user can change or remove important features within the Za ...)
 	- zabbix <not-affected> (vulnerability in Windows installer)
 	NOTE: https://support.zabbix.com/browse/ZBX-25011



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1bc6ce6e70413368a26b7fedd07398d020ea9c1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1bc6ce6e70413368a26b7fedd07398d020ea9c1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240916/5fdbf10f/attachment.htm>