[Git][security-tracker-team/security-tracker][master] CVE-2025-2723[3-4]
Bastien Roucariès (@rouca)
rouca at debian.org
Mon Oct 20 22:32:09 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
408b415b by Bastien Roucariès at 2025-10-20T23:30:05+02:00
CVE-2025-2723[3-4]
This is the same internal ID but upstream affected different CVE between 5 LTS and >6
Likely due to different CVSS score due to different impact between version
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14700,7 +14700,7 @@ CVE-2025-27234 (Zabbix Agent 2 smartctl plugin does not properly sanitize smart.
NOTE: 5.0.0-5.0.46 specific issue, thus mark the first version in unstable from the
NOTE: 6.0.0 series onwards as the fixed version as workaround.
NOTE: Fixed in 5.0.47
- NOTE: Internal issue DEV-4211
+ NOTE: Internal issue DEV-4211 (same than CVE-2025-27233)
NOTE: Fixed by commit [1/8] https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/04f541edac542f12a903f9fb82046c45edf8c357 (5.0.47rc1)
NOTE: Fixed by commit [2/8] https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/b37ba84a92756f3b77dec1f181f8d6ba1e206f57 (5.0.47rc1)
NOTE: Fixed by commit [3/8] https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/752b763bea758c11693b0fd034265729d1867240 (5.0.47rc1)
@@ -14711,8 +14711,9 @@ CVE-2025-27234 (Zabbix Agent 2 smartctl plugin does not properly sanitize smart.
NOTE: Fixed by commit [8/8] https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/d18935be5fadca6c85ce0a715ce85e757d1dc80b (5.0.47rc1)
CVE-2025-27233 (Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.g ...)
- zabbix <unfixed> (bug #1117448)
+ [bullseye] - zabbix <not-affected> (assigned CVE-2025-27234 instead)
NOTE: https://support.zabbix.com/browse/ZBX-26987
- NOTE: Internal issue DEV-4211
+ NOTE: Internal issue DEV-4211 (same than CVE-2025-27234)
NOTE: Fixed by merge commit https://github.com/zabbix/zabbix/commit/6abcdb5010d19cc6fb3e73f1cc3f127afb5d151f (6.0.40rc1)
NOTE: Fixed by merge commit https://github.com/zabbix/zabbix/commit/f0625dd11ed5e043d330f8f22ac8eecb63272106 (7.0.11rc2)
NOTE: Fixed by merge commit https://github.com/zabbix/zabbix/commit/70b7a00e94db1c0dd16384d81cc40659de57fb04 (7.2.5rc2)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/408b415bfdacf31daa88fa2ea01801767262db25
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/408b415bfdacf31daa88fa2ea01801767262db25
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251020/2e981aaa/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list