Source: zabbix Source-Version: 1:7.0.22+dfsg-1 On Sat, Jan 24, 2026 at 02:35:06AM +0000, Debian FTP Masters wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Format: 1.8 > Date: Fri, 23 Jan 2026 18:15:57 +1100 > Source: zabbix > Architecture: source > Version: 1:7.0.22+dfsg-1 > Distribution: unstable > Urgency: high > Maintainer: Dmitry Smirnov <[email protected]> > Changed-By: Dmitry Smirnov <[email protected]> > Closes: 1117448 > Changes: > zabbix (1:7.0.22+dfsg-1) unstable; urgency=high > . > * New upstream release. (Closes: #1117448) > + CVE-2025-49641 (fixed in 7.0.18) > + CVE-2025-27238 (fixed in 7.0.14) > + CVE-2025-27236 (fixed in 7.0.17) > + CVE-2025-27233 (fixed in 7.0.11) > + CVE-2025-27231 (fixed in 7.0.18) > * Build-Depends: > + golang-github-victoriametrics-easyproto-dev > = golang-any (>= 2:1.24~) > * README.Debian.security to denote limited scope of support.
One more should be fixed as well, #1121841. Regards, Salvatore
