[Git][security-tracker-team/security-tracker][master] CVE-2024-45700/zabbix pinpointed fixing commit

Fri, 18 Apr 2025 09:10:16 -0700 


Tobias Frost pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4830fe5a by Tobias Frost at 2025-04-18T18:09:59+02:00
CVE-2024-45700/zabbix pinpointed fixing commit

upstream internal ticket: DEV-4138

CVE-2024-45699 - properly sort fixes for the different upstream versions in 
descending order.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6121,6 +6121,8 @@ CVE-2025-0415 (A remote attacker with web administrator 
privileges can exploit t
 CVE-2024-45700 (Zabbix server is vulnerable to a DoS vulnerability due to 
uncontrolled ...)
        - zabbix 1:7.0.10+dfsg-1
        NOTE: https://support.zabbix.com/browse/ZBX-26253
+       NOTE: fixed by (merge commit) 
https://github.com/zabbix/zabbix/commit/c0757920b12922eaafca2abe7318446b5c5fefaa
 (7.0.10rc1)
+       NOTE: fixed by (merge commit) 
https://github.com/zabbix/zabbix/commit/f3d13f079d9e8764b407876f50fde2f06088ea0d
 (6.0.39rc1)
 CVE-2024-45699 (The endpoint /zabbix.php?action=export.valuemaps suffers from 
a Cross- ...)
        - zabbix 1:7.0.9+dfsg-1
        NOTE: https://support.zabbix.com/browse/ZBX-26254
@@ -6129,9 +6131,9 @@ CVE-2024-45699 (The endpoint 
/zabbix.php?action=export.valuemaps suffers from a
 CVE-2024-42325 (Zabbix API user.get returns all users that share common group 
with the ...)
        - zabbix 1:7.0.9+dfsg-1
        NOTE: https://support.zabbix.com/browse/ZBX-26258
+       NOTE: Fixed by (merge commit) 
https://github.com/zabbix/zabbix/commit/652fd57e8d93b2890f7484771d4fdf290a459b11
 (7.0.9rc1)
        NOTE: Fixed by (merge commit) 
https://github.com/zabbix/zabbix/commit/2b6d97beac19674ad238f98f971cf83dca352386
 (6.0.38rc1)
        NOTE: Fixed by (merge commit) 
https://github.com/zabbix/zabbix/commit/9edbc84251a1fb2ab75dc974c334d300d4705390
 (5.0.46rc1)
-       NOTE: Fixed by (merge commit) 
https://github.com/zabbix/zabbix/commit/652fd57e8d93b2890f7484771d4fdf290a459b11
 (7.0.9rc1)
 CVE-2024-39780 (A YAML deserialization vulnerability was found in the Robot 
Operating  ...)
        - ros-dynamic-reconfigure <unfixed> (bug #1102010)
        [bookworm] - ros-dynamic-reconfigure <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4830fe5a24e5dd449d54ab98039540c966fd8ffe

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4830fe5a24e5dd449d54ab98039540c966fd8ffe
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to