-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 07 Dec 2024 16:40:08 +0100 Source: zabbix Architecture: source Version: 1:5.0.45+dfsg-1+deb11u1 Distribution: bullseye-security Urgency: medium Maintainer: Dmitry Smirnov <onlyjob@debian.org> Changed-By: Tobias Frost <tobi@debian.org> Closes: 1088689 Changes: zabbix (1:5.0.45+dfsg-1+deb11u1) bullseye-security; urgency=medium . * Non maintainer upload by the LTS team. * Updating to latest upstream LTS release of the 5.0.x series. * Fixing following CVES: (Closes: #1088689) - Backport upstream patches for: - CVE-2024-42330 - JS-Internal strings in HTTP headers - CVE-2024-42331 - potiential use after free. - CVE-2024-42332 - possible injection of traps in trap receiver. - CVE-2024-42333 - buffer over-read. - New patch to filter passwords from configuration exports. (CVE-2024-36464) - Annotate previous upload's changelog that the following CVEs have been fixed already: CVE 2024-22117, CVE 2024-36463 and CVE 2024-36467 Checksums-Sha1: 7a4678d14eb119f99bd608b905785ece196ca009 3211 zabbix_5.0.45+dfsg-1+deb11u1.dsc e9793488844d5c4f25b52f661493a665524519aa 11122044 zabbix_5.0.45+dfsg.orig-templates.tar.xz 1fece2325a6efbb91275ad8977b06ac129cb560f 12133172 zabbix_5.0.45+dfsg.orig.tar.xz 8f2df87959b06f7931fa2449665a4c7cdc00eaad 210108 zabbix_5.0.45+dfsg-1+deb11u1.debian.tar.xz d1ad8c37cd6423da9e28f1aa163a7f2a9f376d1d 18155 zabbix_5.0.45+dfsg-1+deb11u1_amd64.buildinfo Checksums-Sha256: fed08adc5a47374fa515859c42ec9db43277c9052fbc451bbba7d140eb33cb37 3211 zabbix_5.0.45+dfsg-1+deb11u1.dsc 3af91f5d42567d5bc26a12c1d4dad07873f1e43326e2f28d5fbe4e14cf7e35c9 11122044 zabbix_5.0.45+dfsg.orig-templates.tar.xz f9ba7c4dc41d40a306b79fcdd50aeec3ae9d9e81febe7fb32ca727a9947be3d2 12133172 zabbix_5.0.45+dfsg.orig.tar.xz 66a8b72356dc93232aa40768a1624f7b55547eda358930f0dd80f9ae4b7c3478 210108 zabbix_5.0.45+dfsg-1+deb11u1.debian.tar.xz ef5df32c375bc1ed4c846c67fb4fbf6c86287b11446e38d52f9990ee660ae5ef 18155 zabbix_5.0.45+dfsg-1+deb11u1_amd64.buildinfo Files: 07bc08e245300f27af74b5aeaa7a32d7 3211 net optional zabbix_5.0.45+dfsg-1+deb11u1.dsc 3531a8b43b47b3bc089293db00456dea 11122044 net optional zabbix_5.0.45+dfsg.orig-templates.tar.xz 41234b7e78ff56c781aa46d6b3bd3269 12133172 net optional zabbix_5.0.45+dfsg.orig.tar.xz 7f24d3af8f21156ae23369473c6ac1a2 210108 net optional zabbix_5.0.45+dfsg-1+deb11u1.debian.tar.xz cc1bbb1d192e4e13ab63ad8896191ec4 18155 net optional zabbix_5.0.45+dfsg-1+deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmdUbYAACgkQkWT6HRe9 XTYFLQ/7B0eKs8X6djrhjbdPlKDZpI0Lp5xZ7AV90QeUqjNc1sT+5AjMZBCtduIO +x884Yg+LuUQq6NultelJ/StJQtFMa3vqy6WmTvxJK1/bNJAQZ1hfew7QSH6AJ1x nCn43bwf8OidyvKBuUrYuNVkdvgSfS6Hp32x756BIRrw14EoCyjqODKPsq/4eNf3 wmmsgXlKw0nI4w3wvwubAnaSGqUuVqG5rBcEM5BDpn8CGTIqF0+OhggQIChVTXjt s0ulTYqu4cAT+DNPvowrIPgtYAElrmc4tVqKy/VVEF8mV2DFIdZguwOmdIHj6tlJ hldaDeOkKGW8lysdJ83gOC4RjwVWHIaxfBgR/hnSv0acGRCGDn7gYcLtNPjOTrHH n02onQnAB8Q52LssnQVtG/fUMIKS/AVLBPjGbU45olYb2RdojSzgJ8vqZU4Ew3El KF0z5YVLbyaFb+BJJzQVPUbvhCiId1osxWfJQh7I1j9kf62yDrP4J6PLX7QnODlT Q2QZedlpSJqtbF+We7MZFqaKXuT7N8gVy8F/d6Ay76FC0HNeA6jzgNDlTj/pbUhU hqInuodsudlyYThF8BBe+Oo7E5lqH3EjBzffPOlyIDxNrcRAVU5MYIuFtmx/waBd s7+UcnVIFaRCZ2bBWAL32GvkVknCV3bEH7haIDjFKUQdnIo4a5g= =Q0/J -----END PGP SIGNATURE-----