Back to zabbix PTS page

Accepted zabbix 1:4.0.4+dfsg-1+deb10u2 (source) into oldoldstable

To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
Subject: Accepted zabbix 1:4.0.4+dfsg-1+deb10u2 (source) into oldoldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Tue, 22 Aug 2023 13:00:17 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: zabbix_4.0.4+dfsg-1+deb10u2_source.changes
Debian-source: zabbix
Debian-suite: oldoldstable
Debian-version: 1:4.0.4+dfsg-1+deb10u2
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=0wn9k8GNoB12uNqnzsn212o3sv1qTWQi/7gcu7aOuHA=; b=V+ACal/0pxOU2BWfmDVsluZLP0 Jpi/vp1y1PybJrVQnYblaiH4d3/6kC+MU91ksohgxyeLQiasjjK0WFwXpmXt000tOUJbG1hzo+dEM DaoZ5CMKB+8xisduSO+1wzz6du/4hvshzf2p35jPmH+PSWHSphHudGWWzy31v1zxzpzt0bZrWDskk 0qsrj47900EvwxQgR/wYLg9pya/iQdotht2l/OlfVIdthr3ie48RAw5a1CCRlndHe1fQkgWLajtU1 YZHMUxR+TUTPFM4/1Cf+XDnhsT5Rue0z9iM44AhYsRj7rY1QrQo6jBpCtUUXFirXfuJpb85nriwiJ CRaPP7ng==;
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1qYQzZ-009YRJ-2E@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 22 Aug 2023 11:57:54 +0200
Source: zabbix
Architecture: source
Version: 1:4.0.4+dfsg-1+deb10u2
Distribution: buster-security
Urgency: medium
Maintainer: Dmitry Smirnov <onlyjob@debian.org>
Changed-By: Tobias Frost <tobi@debian.org>
Closes: 1026847
Changes:
 zabbix (1:4.0.4+dfsg-1+deb10u2) buster-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * Backport patch for CVE-2013-7484: Insecure storage of passwords.
   * Disable guest user on new installs, warn via d/NEWS to disable it on
     existing installations. (CVE-2019-17382)
   * Apply upstream patch for CVE-2022-43515. Closes: #1026847
   * Backport patch for CVE-2023-29450 - unauthorized filesystem access.
   * Backport patch for CVE-2023-29451 - JSON parser uses uninitialized buffer
     on invalid UTF-8.
   * Backport upstream patch CVE-2023-29455 - Reflected XSS in graph item
     propoerties.
   * Backport upstream patch for CVE-2023-29457 - Reflected XSS in Action form
     fields
   * Backport upstream patch for CVE-2023-29456 - Inefficient URL schema
     validation
   * Backport upstream patch for CVE-2023-29454 - Persistent XSS in the user form
   * Fix regression of CVE-2022-35229: Discovery filter could not be edited,
     due to the old jquery bundled with zabbix.
Checksums-Sha1:
 77bbaabaee37bde6b74ad13a8d40cab4911f9220 2876 zabbix_4.0.4+dfsg-1+deb10u2.dsc
 9246683b988b3ee198245a0558ea5b9cca9a625a 218456 zabbix_4.0.4+dfsg-1+deb10u2.debian.tar.xz
 5e0ac240efe37a57f2210fb30094c0de6232519a 18678 zabbix_4.0.4+dfsg-1+deb10u2_amd64.buildinfo
Checksums-Sha256:
 109f6953a87b8c133a527c512c568961bb39f1922a656bdf9dfdd698433ae3dd 2876 zabbix_4.0.4+dfsg-1+deb10u2.dsc
 9e93da40b8a1fef0fbe8915bcb6790229788f28f3465b6229c6924a7353a61fd 218456 zabbix_4.0.4+dfsg-1+deb10u2.debian.tar.xz
 e14da7ad6e29a4d6caae810f7d4422668a10c26c086bf3372a37b43ce7fea870 18678 zabbix_4.0.4+dfsg-1+deb10u2_amd64.buildinfo
Files:
 d631595e937879fa019eda89885b9aa0 2876 net optional zabbix_4.0.4+dfsg-1+deb10u2.dsc
 5537978a72125befa6166873f9ce2adf 218456 net optional zabbix_4.0.4+dfsg-1+deb10u2.debian.tar.xz
 cfc0c7898874cbe1736c23579cbab027 18678 net optional zabbix_4.0.4+dfsg-1+deb10u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmTkrMwACgkQkWT6HRe9
XTYYNA//eoKvET2VtjSep/eclc2bzNNxaDGRGj5wH4JSeJK3iOcuz7PSBbKx/ST0
DrMpNEyopbm+XqT/fMPHfAVdf/BEWrFhA5UGkmnLXDVOcKng081IS0zKoVkbi/y8
Ia0KcYik84izu93WFLfjzuCXQEPXms5kCzp2LNZMShR1jeVkCRAKj8lreMhbcaUf
0RiY7B7vFwDeUPgjhwU+tRQSA40ICViKS7JMgLsAqaEEbTBoqfa1ffccEGHPov6k
boR9vZbICdl/3ErLlABztV1X7OOws0TDaa23o6YCCXrsD9MstzhMseUwUJulLZ/1
fnq6LGRQKYMRa1s07PPAjfQbc4AzIbhIYC/+minEyYPqH1+aFzhq23VawKN+KVW9
vpSaUiQi6Odm6VINNsLT70JVHr+0OwSilBt/1PkYAyJqCen/UMqv19F9L1DFQ99f
zb5NN1CxGuUrd0Qb29V4Kthe749xnby8Ub25eVDeNInDb39Ivr9INMOzK90Z/GuN
/217xVistATyGBAzqc+UUUXeqFuqIT6wWxnHlu96yy7jqkuM/hh4nc9yf7Dpyvyn
HvcCkIkEm2pYaHyOLW7ReG3Cx76F1vLY3MAmB3wRI5c/FP00fLryz+4WvWdTZNjt
LK2zBO/VtmbuMnEOu0EPuJwREx1pm7cAhfurcrggETMc7ZV3fBk=
=Q6K/
-----END PGP SIGNATURE-----