[Git][security-tracker-team/security-tracker][master] Record upstream tags for some CVE fixes

Salvatore Bonaccorso (@carnil) Sun, 15 Dec 2024 10:13:59 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d8190748 by Salvatore Bonaccorso at 2024-12-15T19:13:37+01:00
Record upstream tags for some CVE fixes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33508,23 +33508,23 @@ CVE-2024-36462 (Uncontrolled resource consumption 
refers to a software vulnerabi
        [bookworm] - zabbix <not-affected> (feature not present)
        [bullseye] - zabbix <not-affected> (feature not present)
        NOTE: https://support.zabbix.com/browse/ZBX-25019
-       NOTE: fix: 
https://github.com/zabbix/zabbix/commit/36663df8e81f073b049fba2c595a4bb7c6adea68
 (7.0.x)
+       NOTE: fix: 
https://github.com/zabbix/zabbix/commit/36663df8e81f073b049fba2c595a4bb7c6adea68
 (7.0.1rc1)
        NOTE: WebDriver (Browser monitoring) feature introduced in 
https://github.com/zabbix/zabbix/commit/036f3e14be3, first seen in 7.0.0rc1
 CVE-2024-36461 (Within Zabbix, users have the ability to directly modify 
memory pointe ...)
        {DLA-3909-1}
        - zabbix 1:7.0.1+dfsg-1 (bug #1078553)
        NOTE: https://support.zabbix.com/browse/ZBX-25018
-       NOTE: fix: 
https://github.com/zabbix/zabbix/commit/9aa4ab73c76a2395769ac1ec88a453a3066f0e79
 (7.0.x)
-       NOTE: fix: 
https://github.com/zabbix/zabbix/commit/b370b845cc4683896e65a93fe81f1204ccf62ba5
 (6.0.x)
+       NOTE: fix: 
https://github.com/zabbix/zabbix/commit/9aa4ab73c76a2395769ac1ec88a453a3066f0e79
 (7.0.1rc1)
+       NOTE: fix: 
https://github.com/zabbix/zabbix/commit/b370b845cc4683896e65a93fe81f1204ccf62ba5
 (6.0.31rc1)
 CVE-2024-36460 (The front-end audit log allows viewing of unprotected 
plaintext passwo ...)
        {DLA-3909-1}
        - zabbix 1:7.0.1+dfsg-1 (bug #1078553)
        NOTE: https://support.zabbix.com/browse/ZBX-25017
-       NOTE: 
https://github.com/zabbix/zabbix/commit/37028d9ca96ceb39a13ae32f76e6aaa662bc80ea
 (7.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/b5361b6481fb2d4dd1e8d87f214bf8ed07c1d247
 (7.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/b51426d55471dba96b82fb68ce1482692449267b
 (6.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/171c79ba50b74b238a8e3ac18bd95178f95f656b
 (6.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/6098bfe16bd4d6616577795b8b2b99597b4fde30
 (5.0.x)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/37028d9ca96ceb39a13ae32f76e6aaa662bc80ea
 (7.0.1rc1)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/b5361b6481fb2d4dd1e8d87f214bf8ed07c1d247
 (7.0.1rc1)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/b51426d55471dba96b82fb68ce1482692449267b
 (6.0.31rc1)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/171c79ba50b74b238a8e3ac18bd95178f95f656b
 (6.0.31rc1)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/6098bfe16bd4d6616577795b8b2b99597b4fde30
 (5.0.43rc1)
 CVE-2024-32765 (A vulnerability has been reported to affect Network & Virtual 
Switch.  ...)
        NOT-FOR-US: QNAP
 CVE-2024-22123 (Setting SMS media allows to set GSM modem file. Later this 
file is use ...)
@@ -33538,9 +33538,9 @@ CVE-2024-22122 (Zabbix allows to configure SMS 
notifications. AT command injecti
        {DLA-3909-1}
        - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
        NOTE: https://support.zabbix.com/browse/ZBX-25012
-       NOTE: 
https://github.com/zabbix/zabbix/commit/9923c7dea89e19318621788df07dc7572a2528be
 (7.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/2cd64d3522fe974f21487ce1606d65e10eea7bae
 (6.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/5a41f3036dd47d7c196dbfc97c9923eca6f51094
 (5.0.x)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/9923c7dea89e19318621788df07dc7572a2528be
 (7.0.0rc3)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/2cd64d3522fe974f21487ce1606d65e10eea7bae
 (6.0.31rc1)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/5a41f3036dd47d7c196dbfc97c9923eca6f51094
 (5.0.43rc1)
 CVE-2024-22121 (A non-admin user can change or remove important features 
within the Za ...)
        - zabbix <not-affected> (vulnerability in Windows installer)
        NOTE: https://support.zabbix.com/browse/ZBX-25011
@@ -33548,18 +33548,18 @@ CVE-2024-22116 (An administrator with restricted 
permissions can exploit the scr
        {DLA-3909-1}
        - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
        NOTE: https://support.zabbix.com/browse/ZBX-25016
-       NOTE: 
https://github.com/zabbix/zabbix/commit/afb3ab931d59af61e4f974634b85bcbed5a042b2
 (7.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/679e18f172fc1f9a78b19789fbbc52246871ff19
 (7.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/e6acaef1df1db44aaa9c1a0e1953a4da21425636
 (7.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/182e1a9d96dcd82de337b31dc1cbbd6b4b619281
 (6.4.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/a2dad304083387b8597ef1d67394f285b105f614
 (6.4.x)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/afb3ab931d59af61e4f974634b85bcbed5a042b2
 (7.0.0rc3)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/679e18f172fc1f9a78b19789fbbc52246871ff19
 (7.0.1rc1)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/e6acaef1df1db44aaa9c1a0e1953a4da21425636
 (7.0.1rc1)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/182e1a9d96dcd82de337b31dc1cbbd6b4b619281
 (6.4.16rc1)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/a2dad304083387b8597ef1d67394f285b105f614
 (6.4.16rc1)
 CVE-2024-22114 (User with no permission to any of the Hosts can access and 
view host c ...)
        {DLA-3909-1}
        - zabbix 1:7.0.0+dfsg-1 (bug #1078553)
        NOTE: https://support.zabbix.com/browse/ZBX-25015
-       NOTE: 
https://github.com/zabbix/zabbix/commit/44687a7aa09787db0939cc8bc6ae3178638fc1cf
 (7.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/2c52375e51349a63af7d4620d83077f103dadf91
 (6.0.x)
-       NOTE: 
https://github.com/zabbix/zabbix/commit/1a74fd3a8b9253e4e8e9e2989577dd0b3cc8b5f7
 (5.0.x)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/44687a7aa09787db0939cc8bc6ae3178638fc1cf
 (7.0.0rc3)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/2c52375e51349a63af7d4620d83077f103dadf91
 (6.0.31rc1)
+       NOTE: 
https://github.com/zabbix/zabbix/commit/1a74fd3a8b9253e4e8e9e2989577dd0b3cc8b5f7
 (5.0.43rc1)
 CVE-2023-38018 (IBM Aspera Shares 1.10.0 PL2 does not invalidate session after 
a passw ...)
        NOT-FOR-US: IBM
 CVE-2023-31315 (Improper validation in a model specific register (MSR) could 
allow a m ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d81907485fa2fd79d45f1b3899eba0ba5aa8857c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d81907485fa2fd79d45f1b3899eba0ba5aa8857c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Record upstream tags for some CVE fixes

Reply via email to