-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 19 Apr 2025 12:40:39 +0200
Source: zabbix
Architecture: source
Version: 1:5.0.46+dfsg-1+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Dmitry Smirnov <onlyjob@debian.org>
Changed-By: Tobias Frost <tobi@debian.org>
Changes:
zabbix (1:5.0.46+dfsg-1+deb11u1) bullseye-security; urgency=medium
.
* Non maintainer upload by the LTS team.
* Updating to latest upstream LTS release of the 5.0.x series.
- Refreshing patch java-gateway.patch
(upstream embedded libs changes versions, but we are using packaged versions.)
- Refreshing patch CVE-2024-36461.patch and CVE-2024-42331.patch due to
upstream changes.
- Drop CVE-2024-42330.patch, has been included in new upstream release.
* New upstream LTS release adresses:
- CVE-2024-36469 - user enumeration via timing attack.
- CVE-2024-42325 - information disclosure.
* Backport upstream fixes:
- CVE-2024-45699 - Cross-site Scripting (XSS)
- CVE-2024-45700 - Denial of Service
Checksums-Sha1:
4ce1097e3a78fad6b3f455bd6a83fec2c3ab7a9a 3211 zabbix_5.0.46+dfsg-1+deb11u1.dsc
699dccf0f9bc34f19959a024b89551f1f83230e7 11105720 zabbix_5.0.46+dfsg.orig-templates.tar.xz
0de790dde3949c1ba701322b952bc96897007d9a 11985680 zabbix_5.0.46+dfsg.orig.tar.xz
73d098c6537d06dedda6c6183c2a62a40070ae22 211216 zabbix_5.0.46+dfsg-1+deb11u1.debian.tar.xz
de42551f7ee31b5dfddb2971408bd220746edbf9 18155 zabbix_5.0.46+dfsg-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
27d786b93ae8191654ebaaa9446ff48c7b087530af6e373b4fa70d5c3a7c0174 3211 zabbix_5.0.46+dfsg-1+deb11u1.dsc
c740e844bcc6d286db5d161bd8eac74fddcf35f53da94afbd441b361c51fd2e5 11105720 zabbix_5.0.46+dfsg.orig-templates.tar.xz
2703b78b763717f738b6b29b306c634b43d041231d17c49d6e64a5232ae985f6 11985680 zabbix_5.0.46+dfsg.orig.tar.xz
64e1081b094fb29debb4791d04957c1c5455404344fdd7302229bfd7094849a5 211216 zabbix_5.0.46+dfsg-1+deb11u1.debian.tar.xz
6087458743cba494c53805a4846fccc4b767951e4bbf0e28702ec767141cb097 18155 zabbix_5.0.46+dfsg-1+deb11u1_amd64.buildinfo
Files:
a3a4f6d78f6f5ee4fe4ce02e403f3395 3211 net optional zabbix_5.0.46+dfsg-1+deb11u1.dsc
ac9c06c73d6870425ba855a5b6d5588e 11105720 net optional zabbix_5.0.46+dfsg.orig-templates.tar.xz
a434df3729d9852730ea0fe1720a2905 11985680 net optional zabbix_5.0.46+dfsg.orig.tar.xz
015854251fc20be080686077283890cf 211216 net optional zabbix_5.0.46+dfsg-1+deb11u1.debian.tar.xz
732c79a5b4456764c2f5d648898a87f4 18155 net optional zabbix_5.0.46+dfsg-1+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmgDf9wACgkQkWT6HRe9
XTZnKA/+PWBczoF17ZeEBcmO6hOMO97BRhqnZCorfW4WGhfGMMNCW8ZaD+4fmaGP
pDjzKM8FK5VcQVCqsUDW3Gllj1tMXd5yTNnGxfw5rEOnT3gX7CINNgDXMlcaWfNA
LqYlwjuJExUOjyDYeEmtDqUXEZtR62w6Op3jFX2Bov6JEJdkMT4InSI+GYwDZUK0
QLBzFqigO9UB5eKgqcmlhZX7tr+tj8psZ9Z4G0SCPZlvLo0hH8oXLk8IB8lSsphC
JF/+qcdYjpNX8ugswpqBriXRUC6LXKf0ZWj2DyDPK+D0QZpOe50feoAGGF9dZ6MO
/MiKyhnzfAKkmhI/AfX9x8zyALVF8hdZmt8T5KfQyuF53uHutkD3HK7z87yyifW/
cU29kaBzCCQCO2GoL0FeHBWADgRd1fZcwOJfl56/i/0OLvzG44B8xv07SgGbobj0
xSeJiBzfVTSg4ASdbdvfuRloXWwjAW0U2GkINmLZZxZpjT5Y6oljdmQcRFu95gVX
Ha6hktRT2JZXmA0vnUUNu4AWLBoh9YzUnkjag0IjIeQJE+zveBUESLFt/oRJjvWy
Tr7a+pKeokmnA5dk+kRqzcVxKo+ad4ovNZBLVEnquJXNl+zi9BPBVlEBuLPlGfk5
7kbdwBejoZ+zZUdE3UdtVRhQYagecujNwU5Fyx0Nr8cfg0uLx5k=
=eXTJ
-----END PGP SIGNATURE-----
Attachment:
pgpV7OVdC1HjA.pgp
Description: PGP signature