[Git][security-tracker-team/security-tracker][master] CVE-2024-42328/zabbix not affecting bullseye

Fri, 06 Dec 2024 10:22:27 -0800 


Tobias Frost pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
32601600 by Tobias Frost at 2024-12-06T19:21:39+01:00
CVE-2024-42328/zabbix not affecting bullseye

vulnerable feature, webdriver, is a new feature of Zabbix 7.0

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1726,10 +1726,12 @@ CVE-2024-42329 (The webdriver for the Browser object 
expects an error object to
        [bullseye] - zabbix <not-affected> (Vulnerable code introduced later)
        NOTE: https://support.zabbix.com/browse/ZBX-25625
        NOTE: Fixed by (merge commit): 
https://github.com/zabbix/zabbix/commit/65c4acee83191158522bc75552912fdce2cac9da
 (7.0.4rc1)
-       NOTE: webdriver.c introduced with vesion 7.0.0rc1 commit 
https://github.com/zabbix/zabbix/commit/4d22c15fe4499602e0da5399e3dd6dc9da03277b
+       NOTE: webdriver introduced with vesion 7.0.0rc1 commit 
https://github.com/zabbix/zabbix/commit/4d22c15fe4499602e0da5399e3dd6dc9da03277b
 CVE-2024-42328 (When the webdriver for the Browser object downloads data from 
a HTTP s ...)
        - zabbix <unfixed> (bug #1088689)
+       [bullseye] - zabbix <not-affected> (Vulnerable code introduced later)
        NOTE: https://support.zabbix.com/browse/ZBX-25624
+        NOTE: webdriver introduced with vesion 7.0.0rc1 commit 
https://github.com/zabbix/zabbix/commit/4d22c15fe4499602e0da5399e3dd6dc9da03277b
 CVE-2024-42327 (A non-admin user account on the Zabbix frontend with the 
default User  ...)
        - zabbix 1:7.0.1+dfsg-1 (bug #1088689)
        NOTE: https://support.zabbix.com/browse/ZBX-25623



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32601600c13813ea09d2cbf4d15b0d2b192f0c1b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32601600c13813ea09d2cbf4d15b0d2b192f0c1b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to