Tobias Frost pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
df2eb1ce by Tobias Frost at 2023-08-11T09:35:28+02:00
CVE-2023-29449/zabbix does not affect buster.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16738,7 +16738,11 @@ CVE-2023-29450 (JavaScript pre-processing can be used
by the attacker to gain ac
NOTE: https://support.zabbix.com/browse/ZBX-22588
CVE-2023-29449 (JavaScript preprocessing, webhooks and global scripts can
cause uncont ...)
- zabbix <unfixed>
+ [buster] - zabbix <not-affected> (vulnerable code introduced later)
NOTE: https://support.zabbix.com/browse/ZBX-22589
+ NOTE: Upstream patch for 5.0.32:
https://github.com/zabbix/zabbix/commit/e90b8a3c62
+ NOTE: applied in upstream release/5.0 branch:
https://github.com/zabbix/zabbix/commit/c21cf2fa656b75733e3abc09d8f20690735b3f22
+ NOTE: vulnerable module introduced in
https://github.com/zabbix/zabbix/commit/18d2abfc40 (5.0.0alpha1)
CVE-2023-29448
RESERVED
CVE-2023-29447
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df2eb1ce7c1a337f6b1fb91ff5706afac8865501
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df2eb1ce7c1a337f6b1fb91ff5706afac8865501
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
