Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits: df2eb1ce by Tobias Frost at 2023-08-11T09:35:28+02:00 CVE-2023-29449/zabbix does not affect buster. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -16738,7 +16738,11 @@ CVE-2023-29450 (JavaScript pre-processing can be used by the attacker to gain ac NOTE: https://support.zabbix.com/browse/ZBX-22588 CVE-2023-29449 (JavaScript preprocessing, webhooks and global scripts can cause uncont ...) - zabbix <unfixed> + [buster] - zabbix <not-affected> (vulnerable code introduced later) NOTE: https://support.zabbix.com/browse/ZBX-22589 + NOTE: Upstream patch for 5.0.32: https://github.com/zabbix/zabbix/commit/e90b8a3c62 + NOTE: applied in upstream release/5.0 branch: https://github.com/zabbix/zabbix/commit/c21cf2fa656b75733e3abc09d8f20690735b3f22 + NOTE: vulnerable module introduced in https://github.com/zabbix/zabbix/commit/18d2abfc40 (5.0.0alpha1) CVE-2023-29448 RESERVED CVE-2023-29447 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df2eb1ce7c1a337f6b1fb91ff5706afac8865501 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df2eb1ce7c1a337f6b1fb91ff5706afac8865501 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits