Tobias Frost pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2bc6c444 by Tobias Frost at 2024-12-06T19:48:24+01:00
CVE-2024-42326/zabbix
- fix link to patch.
- webdriver is a feature of zabbix 7.0.x
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1741,8 +1741,10 @@ CVE-2024-42327 (A non-admin user account on the Zabbix
frontend with the default
NOTE: Userroles introduced with version 6.0.0alpha1, commit
https://github.com/zabbix/zabbix/commit/e5f4a103352a2e182c177236079bbe2a22907e45
CVE-2024-42326 (There was discovered a use after free bug in browser.c in the
es_brows ...)
- zabbix 1:7.0.5+dfsg-1 (bug #1088689)
+ [bullseye] - zabbix <not-affected> (Vulnerable code introduced later)
NOTE: https://support.zabbix.com/browse/ZBX-25622
- NOTE: Fixed by (merge commit)
https://github.com/zabbix/zabbix/commit/e82c5941242edc9f4a96e101caaf27e106f73f47
(7.0.4rc1)
+ NOTE: Fixed by
https://github.com/zabbix/zabbix/commit/0b01b889fc1d47002e1cf9fa50d52a5cca5f1a97
(7.0.4rc1)
+ NOTE: webdriver (browser.c) introduced with vesion 7.0.0rc1 commit
https://github.com/zabbix/zabbix/commit/4d22c15fe4499602e0da5399e3dd6dc9da03277b
CVE-2024-41126 (Contiki-NG is an open-source, cross-platform operating system
for IoT ...)
NOT-FOR-US: Contiki-NG
CVE-2024-41125 (Contiki-NG is an open-source, cross-platform operating system
for IoT ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2bc6c444a46b264677a280131df7a47d35767561
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2bc6c444a46b264677a280131df7a47d35767561
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
