[Git][security-tracker-team/security-tracker][master] CVE-2024-22114/zabbix identified patches.
Tobias Frost (@tobi)
tobi at debian.org
Mon Sep 16 21:19:00 BST 2024
Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d313ebd1 by Tobias Frost at 2024-09-16T22:18:52+02:00
CVE-2024-22114/zabbix identified patches.
Upstream ticket -> ZBX-25015 -> via Changelog / git commit messages : DEV-3729
git log --greo DEV-3729 identifies commit ids.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8424,6 +8424,9 @@ CVE-2024-22116 (An administrator with restricted permissions can exploit the scr
CVE-2024-22114 (User with no permission to any of the Hosts can access and view host c ...)
- zabbix 1:7.0.0+dfsg-1 (bug #1078553)
NOTE: https://support.zabbix.com/browse/ZBX-25015
+ NOTE: https://github.com/zabbix/zabbix/commit/44687a7aa09787db0939cc8bc6ae3178638fc1cf (7.0.x)
+ NOTE: https://github.com/zabbix/zabbix/commit/2c52375e51349a63af7d4620d83077f103dadf91 (6.0.x)
+ NOTE: https://github.com/zabbix/zabbix/commit/1a74fd3a8b9253e4e8e9e2989577dd0b3cc8b5f7 (5.0.x)
CVE-2023-38018 (IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a passw ...)
NOT-FOR-US: IBM
CVE-2023-31315 (Improper validation in a model specific register (MSR) could allow a m ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d313ebd1309aa0442bc8324c43abdf3a9b505034
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d313ebd1309aa0442bc8324c43abdf3a9b505034
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240916/e21bcf6c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list