Your message dated Sat, 24 Jan 2026 02:35:06 +0000
with message-id <[email protected]>
and subject line Bug#1117448: fixed in zabbix 1:7.0.22+dfsg-1
has caused the Debian Bug report #1117448,
regarding zabbix: CVE-2025-49641 CVE-2025-27238 CVE-2025-27236 CVE-2025-27233 CVE-2025-27231
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1117448: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117448
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: zabbix
Version: 1:7.0.10+dfsg-2
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerabilities were published for zabbix.

CVE-2025-49641[0]:
| A regular Zabbix user with no permission to the Monitoring ->
| Problems view is still able to call the problem.view.refresh action
| and therefore still retrieve a list of active problems.


CVE-2025-27238[1]:
| Due to a bug in Zabbix API, the hostprototype.get method lists all
| host prototypes to users that do not have any user groups assigned
| to them.


CVE-2025-27236[2]:
| A regular Zabbix user can search other users in their user group via
| Zabbix API by select fields the user does not have access to view.
| This allows data-mining some field values the user does not have
| access to.


CVE-2025-27233[3]:
| Zabbix Agent 2 smartctl plugin does not properly sanitize
| smart.disk.get parameters, allowing an attacker to inject unexpected
| arguments into the smartctl command. This can be used to leak the
| NTLMv2 hash from a Windows system.


CVE-2025-27231[4]:
| The LDAP 'Bind password' value cannot be read after saving, but a
| Super Admin account can leak it by changing LDAP 'Host' to a rogue
| LDAP server. To mitigate this, the 'Bind password' value is now
| reset on 'Host' change.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-49641
    https://www.cve.org/CVERecord?id=CVE-2025-49641
[1] https://security-tracker.debian.org/tracker/CVE-2025-27238
    https://www.cve.org/CVERecord?id=CVE-2025-27238
[2] https://security-tracker.debian.org/tracker/CVE-2025-27236
    https://www.cve.org/CVERecord?id=CVE-2025-27236
[3] https://security-tracker.debian.org/tracker/CVE-2025-27233
    https://www.cve.org/CVERecord?id=CVE-2025-27233
[4] https://security-tracker.debian.org/tracker/CVE-2025-27231
    https://www.cve.org/CVERecord?id=CVE-2025-27231

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
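Of the five items in the report above, the smartctl one (CVE-2025-27233) is the one with a code pattern worth showing: parameters of a monitoring item end up in the argv of an external tool, and a value that looks like an option is parsed as one. The Go snippet below is an added example written for this page, not Zabbix's plugin code (Agent 2 plugins are written in Go, which is why Go is used). The function names, the device-type allow-list, the device-path pattern and the placeholder flag value are assumptions for illustration; it does not reproduce the specific argument used against the real plugin, only the flaw class and the checks that close it.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Hypothetical allow-list of smartctl "-d TYPE" values this example accepts.
// It is an assumption for the example, not the plugin's real list.
var allowedTypes = map[string]bool{
	"ata": true, "sat": true, "scsi": true, "nvme": true,
}

// Local block devices only: /dev/<name> on Unix, \\.\PhysicalDriveN on Windows.
// A UNC path (\\host\share\...) does not match, so smartctl is never handed a
// remote path that Windows would resolve over SMB and authenticate to.
var devicePattern = regexp.MustCompile(`^(/dev/[A-Za-z0-9_\-]+|\\\\\.\\PhysicalDrive[0-9]+)$`)

// buildSmartctlArgsUnsafe models the flaw class: both item parameters are
// appended to the argv verbatim, so a value that starts with '-' is parsed by
// smartctl as an option rather than as data.
func buildSmartctlArgsUnsafe(device, devType string) []string {
	args := []string{"--json"}
	if devType != "" {
		args = append(args, "-d", devType)
	}
	return append(args, device)
}

// buildSmartctlArgs is the hardened builder: it rejects option-looking values,
// restricts the device to a local block-device path, allow-lists the type and
// terminates option parsing with "--" (the getopt convention smartctl follows).
func buildSmartctlArgs(device, devType string) ([]string, error) {
	if strings.HasPrefix(device, "-") || strings.HasPrefix(devType, "-") {
		return nil, errors.New("parameter must not start with '-'")
	}
	if !devicePattern.MatchString(device) {
		return nil, fmt.Errorf("device %q is not a local block device path", device)
	}
	if devType != "" && !allowedTypes[devType] {
		return nil, fmt.Errorf("device type %q is not allow-listed", devType)
	}
	args := []string{"--json"}
	if devType != "" {
		args = append(args, "-d", devType)
	}
	return append(args, "--", device), nil
}

func main() {
	// Constructed inputs: a legitimate request, a Windows physical drive, a UNC
	// path, and a placeholder option-looking value standing in for whatever
	// flag an attacker would choose.
	cases := [][2]string{
		{"/dev/sda", "sat"},
		{`\\.\PhysicalDrive0`, "nvme"},
		{`\\attacker\share\x`, ""},
		{"--placeholder-flag", "sat"},
		{"/dev/sda", "-i"},
	}
	for _, c := range cases {
		fmt.Printf("unsafe: smartctl %s\n", strings.Join(buildSmartctlArgsUnsafe(c[0], c[1]), " "))
		if args, err := buildSmartctlArgs(c[0], c[1]); err != nil {
			fmt.Printf("safe:   rejected: %v\n", err)
		} else {
			fmt.Printf("safe:   smartctl %s\n", strings.Join(args, " "))
		}
	}
}
```

The argv built here would be handed to `exec.Command("smartctl", args...)`, which does not go through a shell, so shell metacharacters are not the concern; what matters is that each parameter stays a single positional argument that smartctl cannot reinterpret as an option or as a path outside the local machine. The `--` terminator is belt-and-braces: the prefix check already rejects option-looking values, but the terminator also protects any future parameter the check is not applied to.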
--- Begin Message ---
Source: zabbix
Source-Version: 1:7.0.22+dfsg-1
Done: Dmitry Smirnov <[email protected]>

We believe that the bug you reported is fixed in the latest version of
zabbix, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dmitry Smirnov <[email protected]> (supplier of updated zabbix package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 23 Jan 2026 18:15:57 +1100
Source: zabbix
Architecture: source
Version: 1:7.0.22+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Dmitry Smirnov <[email protected]>
Changed-By: Dmitry Smirnov <[email protected]>
Closes: 1117448
Changes:
 zabbix (1:7.0.22+dfsg-1) unstable; urgency=high
 .
   * New upstream release. (Closes: #1117448)
     + CVE-2025-49641 (fixed in 7.0.18)
     + CVE-2025-27238 (fixed in 7.0.14)
     + CVE-2025-27236 (fixed in 7.0.17)
     + CVE-2025-27233 (fixed in 7.0.11)
     + CVE-2025-27231 (fixed in 7.0.18)
   * Build-Depends:
     + golang-github-victoriametrics-easyproto-dev
     = golang-any (>= 2:1.24~)
   * README.Debian.security to denote limited scope of support.
Checksums-Sha1:
 f88c8ba77b282dc6787d7911ee9e0c45d20efb91 4201 zabbix_7.0.22+dfsg-1.dsc
 6c49ac7d1a4ea112dca8c6008cc24eadd392e369 12513640 zabbix_7.0.22+dfsg.orig-templates.tar.xz
 508cc7af85739ce92ca0e4b0cf90fe3a32b52411 906300 zabbix_7.0.22+dfsg.orig-vendor.tar.xz
 209e4099d2004b93985079457c21af0c0319064b 22741900 zabbix_7.0.22+dfsg.orig.tar.xz
 8d52ef61f9fbccd915b65d68f47e341a5c18f0e2 144924 zabbix_7.0.22+dfsg-1.debian.tar.xz
 24b8d96226dd3e087cd2d6263daaf2ed37b22464 22021 zabbix_7.0.22+dfsg-1_amd64.buildinfo
Checksums-Sha256:
 71b0a05102f9a47849bff1e818b15952c0a7acb1acb1fa3a7b81dcfaabc6a24f 4201 zabbix_7.0.22+dfsg-1.dsc
 b102ce916fbce2c3aea54b230445c6da2f9744626191c32223e6cce80c2b552c 12513640 zabbix_7.0.22+dfsg.orig-templates.tar.xz
 1ee4440b1646fb4c401f1d040540d9de6fb6b81d156bd08762bf8cfdec76ed4a 906300 zabbix_7.0.22+dfsg.orig-vendor.tar.xz
 4ad15329ccd81efb9c603ffd62d7240de30760e65f134cfc8078a594a1f4f688 22741900 zabbix_7.0.22+dfsg.orig.tar.xz
 0203818a0b6f9f3837be6131aaae00f94faeb86a3b7880097f5af914539ae8dc 144924 zabbix_7.0.22+dfsg-1.debian.tar.xz
 b19825111265299fa15b06863db43ae35961a485b53e7ffd62e0c4ee4e3eef48 22021 zabbix_7.0.22+dfsg-1_amd64.buildinfo
Files:
 ae47eb7f37d9040f219dd39e0ff62010 4201 net optional zabbix_7.0.22+dfsg-1.dsc
 3afd96b168a649f3a1cd810ebc88c459 12513640 net optional zabbix_7.0.22+dfsg.orig-templates.tar.xz
 9be2db1ed5142d71f36e0d765f84746e 906300 net optional zabbix_7.0.22+dfsg.orig-vendor.tar.xz
 0b5012d2281728863983db52140b81b5 22741900 net optional zabbix_7.0.22+dfsg.orig.tar.xz
 db3897d94c0cf0eb517cb6aca98f3c2a 144924 net optional zabbix_7.0.22+dfsg-1.debian.tar.xz
 ed8a2c0741a2da49ec916d6d4ad0e457 22021 net optional zabbix_7.0.22+dfsg-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----



--- End Message ---
