Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted zabbix 1:3.0.32+dfsg-0+deb9u3 (source) into oldoldstable
Date: Tue, 12 Apr 2022 11:30:12 +0000
Signed by: Markus Koschany <apo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 Apr 2022 13:11:33 CEST
Source: zabbix
Binary: zabbix-agent zabbix-frontend-php zabbix-java-gateway zabbix-proxy-mysql zabbix-proxy-pgsql zabbix-proxy-sqlite3 zabbix-server-mysql zabbix-server-pgsql
Architecture: source
Version: 1:3.0.32+dfsg-0+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Dmitry Smirnov <onlyjob@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 zabbix-agent - network monitoring solution - agent
 zabbix-frontend-php - network monitoring solution - PHP front-end
 zabbix-java-gateway - network monitoring solution - Java gateway
 zabbix-proxy-mysql - network monitoring solution - proxy (using MySQL)
 zabbix-proxy-pgsql - network monitoring solution - proxy (using PostgreSQL)
 zabbix-proxy-sqlite3 - network monitoring solution - proxy (using SQLite3)
 zabbix-server-mysql - network monitoring solution - server (using MySQL)
 zabbix-server-pgsql - network monitoring solution - server (using PostgreSQL)
Checksums-Sha1:
 e10c44170407eb273b64456a7dc82fd6729a3411 3053 zabbix_3.0.32+dfsg-0+deb9u3.dsc
 7c0b3940cdcc5f31189e8ed471a898b0936316cb 195140 zabbix_3.0.32+dfsg-0+deb9u3.debian.tar.xz
 45ba01c3460a342b7b70d5b5d0e112f7e202320f 18973 zabbix_3.0.32+dfsg-0+deb9u3_amd64.buildinfo
Checksums-Sha256:
 b328ab91609996f2b86a4fb00db62aad634b0f5d4f5b1fc061a9a94eba34348e 3053 zabbix_3.0.32+dfsg-0+deb9u3.dsc
 c77a816b03962fa8f9baadb1bee83576dfcc08fb25e5504c49e42a77956fa723 195140 zabbix_3.0.32+dfsg-0+deb9u3.debian.tar.xz
 c897ee0e29e0a3458a877778bdaf74cf5be6476040ffb94d4cbb4b19fe427671 18973 zabbix_3.0.32+dfsg-0+deb9u3_amd64.buildinfo
Changes:
 zabbix (1:3.0.32+dfsg-0+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2022-24349, CVE-2022-24917 and CVE-2022-24919:
     An authenticated user can create a link with reflected Javascript code
     inside it for graphs, actions and services pages and send it to other
     users. The payload can be executed only with a known CSRF token value of
     the victim, which is changed periodically and is difficult to predict.
Files:
 2348f08eb92200b9ecfa335cd56b875a 3053 net optional zabbix_3.0.32+dfsg-0+deb9u3.dsc
 7ee6d3fa4730e415949195a08c7f2a47 195140 net optional zabbix_3.0.32+dfsg-0+deb9u3.debian.tar.xz
 258f951a45fbe07479a3911390e0b9a2 18973 net optional zabbix_3.0.32+dfsg-0+deb9u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmJVXmlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkRHwQAI/fm9Allz2FjXWcv97rU81Pi5a9oauvyV/9
+y9Vr7gvOknFxqzal3kM3cxMPnmVxNaA/si7WLSLFgpXr1FY+wis3XPwr86Zq/dk
8MFmwh70TwdUCrAvebti/F1oGP9H+3y9Ybqsj/ABTSGjwFFvllh+Wz7xdX57nKgm
XHfwAWhaoXxXDqIctRCJmwO9DIfLrJw/eSsHqu1nCJrwtSYnTXuzyLyCH+wO8XJf
xkY5ZsqXZeeXTNXip0IkgMBUDHMCd77lq2bQIXbxYjcTJbZKD40CD68xK6Y4VH1V
6aPdmQXT4TFRjo9HjRE4+waDOHa0a5fBvR9dOmNoEQTY3u9fDkR7BxHAc9cwDxZP
ZYi/YyK6SOuzb4m8rA94YJQdMQyYYm4vjO6XBev13nF9WdUGXA9DjrMFkyzDX5B2
ThVkffoqUu4JSIGoLHyq2rns42y6m6ZSXsg6ZnUN2BirCzj2tLMOw8wBEIO0u8ve
KWCXAz18cocmurOZ8WuHeaeSI9JKQCBE/0Idu4tSwVh8/RMmmJuKDIhb5sGj9F9Y
5bct0TGJt1THcG2wUSz16qvEo95goV/uSlVarmS9I60aUpcHTg+Q5usKpwYHOnrK
lhzE1EYQj/V73gbscQlHohPtQDFg2nflm07t2xFobXNtl9wD53yF6f8f/GbqhGzK
YxMwd91X
=2UlN
-----END PGP SIGNATURE-----
News for package zabbix
