Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted zabbix 1:5.0.46+dfsg-1+deb11u1 (source) into oldstable-security
Date: Sat, 19 Apr 2025 11:10:23 +0000
Signed by: Tobias Frost <tobi@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 19 Apr 2025 12:40:39 +0200
Source: zabbix
Architecture: source
Version: 1:5.0.46+dfsg-1+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Dmitry Smirnov <onlyjob@debian.org>
Changed-By: Tobias Frost <tobi@debian.org>
Changes:
 zabbix (1:5.0.46+dfsg-1+deb11u1) bullseye-security; urgency=medium
 .
   * Non maintainer upload by the LTS team.
   * Updating to latest upstream LTS release of the 5.0.x series.
     - Refreshing patch java-gateway.patch
       (upstream embedded libs changes versions, but we are using packaged versions.)
     - Refreshing patch CVE-2024-36461.patch and CVE-2024-42331.patch due to
       upstream changes.
     - Drop CVE-2024-42330.patch, has been included in new upstream release.
   * New upstream LTS release adresses:
     - CVE-2024-36469 - user enumeration via timing attack.
     - CVE-2024-42325 - information disclosure.
   * Backport upstream fixes:
     - CVE-2024-45699 - Cross-site Scripting (XSS)
     - CVE-2024-45700 - Denial of Service
Checksums-Sha1:
 4ce1097e3a78fad6b3f455bd6a83fec2c3ab7a9a 3211 zabbix_5.0.46+dfsg-1+deb11u1.dsc
 699dccf0f9bc34f19959a024b89551f1f83230e7 11105720 zabbix_5.0.46+dfsg.orig-templates.tar.xz
 0de790dde3949c1ba701322b952bc96897007d9a 11985680 zabbix_5.0.46+dfsg.orig.tar.xz
 73d098c6537d06dedda6c6183c2a62a40070ae22 211216 zabbix_5.0.46+dfsg-1+deb11u1.debian.tar.xz
 de42551f7ee31b5dfddb2971408bd220746edbf9 18155 zabbix_5.0.46+dfsg-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
 27d786b93ae8191654ebaaa9446ff48c7b087530af6e373b4fa70d5c3a7c0174 3211 zabbix_5.0.46+dfsg-1+deb11u1.dsc
 c740e844bcc6d286db5d161bd8eac74fddcf35f53da94afbd441b361c51fd2e5 11105720 zabbix_5.0.46+dfsg.orig-templates.tar.xz
 2703b78b763717f738b6b29b306c634b43d041231d17c49d6e64a5232ae985f6 11985680 zabbix_5.0.46+dfsg.orig.tar.xz
 64e1081b094fb29debb4791d04957c1c5455404344fdd7302229bfd7094849a5 211216 zabbix_5.0.46+dfsg-1+deb11u1.debian.tar.xz
 6087458743cba494c53805a4846fccc4b767951e4bbf0e28702ec767141cb097 18155 zabbix_5.0.46+dfsg-1+deb11u1_amd64.buildinfo
Files:
 a3a4f6d78f6f5ee4fe4ce02e403f3395 3211 net optional zabbix_5.0.46+dfsg-1+deb11u1.dsc
 ac9c06c73d6870425ba855a5b6d5588e 11105720 net optional zabbix_5.0.46+dfsg.orig-templates.tar.xz
 a434df3729d9852730ea0fe1720a2905 11985680 net optional zabbix_5.0.46+dfsg.orig.tar.xz
 015854251fc20be080686077283890cf 211216 net optional zabbix_5.0.46+dfsg-1+deb11u1.debian.tar.xz
 732c79a5b4456764c2f5d648898a87f4 18155 net optional zabbix_5.0.46+dfsg-1+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmgDf9wACgkQkWT6HRe9
XTZnKA/+PWBczoF17ZeEBcmO6hOMO97BRhqnZCorfW4WGhfGMMNCW8ZaD+4fmaGP
pDjzKM8FK5VcQVCqsUDW3Gllj1tMXd5yTNnGxfw5rEOnT3gX7CINNgDXMlcaWfNA
LqYlwjuJExUOjyDYeEmtDqUXEZtR62w6Op3jFX2Bov6JEJdkMT4InSI+GYwDZUK0
QLBzFqigO9UB5eKgqcmlhZX7tr+tj8psZ9Z4G0SCPZlvLo0hH8oXLk8IB8lSsphC
JF/+qcdYjpNX8ugswpqBriXRUC6LXKf0ZWj2DyDPK+D0QZpOe50feoAGGF9dZ6MO
/MiKyhnzfAKkmhI/AfX9x8zyALVF8hdZmt8T5KfQyuF53uHutkD3HK7z87yyifW/
cU29kaBzCCQCO2GoL0FeHBWADgRd1fZcwOJfl56/i/0OLvzG44B8xv07SgGbobj0
xSeJiBzfVTSg4ASdbdvfuRloXWwjAW0U2GkINmLZZxZpjT5Y6oljdmQcRFu95gVX
Ha6hktRT2JZXmA0vnUUNu4AWLBoh9YzUnkjag0IjIeQJE+zveBUESLFt/oRJjvWy
Tr7a+pKeokmnA5dk+kRqzcVxKo+ad4ovNZBLVEnquJXNl+zi9BPBVlEBuLPlGfk5
7kbdwBejoZ+zZUdE3UdtVRhQYagecujNwU5Fyx0Nr8cfg0uLx5k=
=eXTJ
-----END PGP SIGNATURE-----
News for package zabbix
