Debian Package Tracker

general

source: zabbix (main)
version: 1:4.0.4+dfsg-1
maintainer: Dmitry Smirnov [DMD]
uploaders: Christoph Haas [DMD]
arch: all any
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1:2.2.7+dfsg-2+deb8u3
o-o-sec: 1:2.2.23+dfsg-0+deb8u1
oldstable: 1:3.0.7+dfsg-3
old-bpo: 1:4.0.3+dfsg-2~bpo9+1
stable: 1:4.0.4+dfsg-1
testing: 1:4.0.4+dfsg-1
unstable: 1:4.0.4+dfsg-1

versioned links

1:2.2.7+dfsg-2+deb8u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.2.23+dfsg-0+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:3.0.7+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:4.0.3+dfsg-2~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:4.0.4+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

zabbix-agent (3 bugs: 0, 1, 2, 0)
zabbix-frontend-php (3 bugs: 0, 2, 1, 0)
zabbix-java-gateway (1 bugs: 0, 1, 0, 0)
zabbix-proxy-mysql (2 bugs: 0, 1, 1, 0)
zabbix-proxy-pgsql
zabbix-proxy-sqlite3
zabbix-server-mysql (2 bugs: 0, 0, 2, 0)
zabbix-server-pgsql

action needed

A new upstream version is available: 4.2.4 high

A new upstream version 4.2.4 is available, you should consider packaging it.

Created: 2019-02-22 Last update: 2019-07-22 23:55

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2017-2826: An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.

Please fix it.

Created: 2018-04-19 Last update: 2019-07-07 09:00

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2017-2826: An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.

Please fix it.

Created: 2019-07-07 Last update: 2019-07-07 09:00

Depends on packages which need a new maintainer normal

The packages that zabbix depends on which need a new maintainer are:

prototypejs (#863697)
- Build-Depends: libjs-prototype
snmp-mibs-downloader (#878723)
- Suggests: snmp-mibs-downloader snmp-mibs-downloader
apache2 (#910917)
- Build-Depends: apache2-dev
- Recommends: apache2
lsb (#924519)
- Depends: lsb-base lsb-base lsb-base lsb-base lsb-base lsb-base lsb-base

Created: 2017-12-02 Last update: 2019-07-23 03:04

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-09-11 Last update: 2019-07-23 01:31

3 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 5d699e409342953e40f92197b8aaf21c40152544
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Wed Feb 6 11:54:02 2019 +1100

    New upstream release + changelog summary

commit 430f23f7f017bbb652b32fa88c9a368f23008488
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Wed Feb 6 11:53:43 2019 +1100

    clean: remove CI files

commit 75434b9dcb7140d220abefc29510d088e9f1aa45
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Wed Feb 6 11:50:07 2019 +1100

    Standards-Version: 4.3.0

Created: 2019-02-06 Last update: 2019-07-22 19:30

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2017-2826: An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.

Please fix it.

Created: 2018-04-19 Last update: 2019-07-07 09:00

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2017-2826: An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.
CVE-2016-10742: Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.

Please fix them.

Created: 2018-04-13 Last update: 2019-07-07 09:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.3.0).

Created: 2019-07-08 Last update: 2019-07-08 20:09

news

[rss feed]

[2019-03-11] Accepted zabbix 1:2.2.23+dfsg-0+deb8u1 (source amd64 all) into oldstable (Markus Koschany)
[2019-02-11] zabbix 1:4.0.4+dfsg-1 MIGRATED to testing (Debian testing watch)
[2019-02-06] Accepted zabbix 1:4.0.4+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2019-01-22] zabbix 1:4.0.3+dfsg-2 MIGRATED to testing (Debian testing watch)
[2019-01-22] Accepted zabbix 1:4.0.3+dfsg-2~bpo9+1 (source amd64 all) into stretch-backports (Dmitry Smirnov)
[2019-01-17] Accepted zabbix 1:4.0.3+dfsg-2 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-12-31] zabbix 1:4.0.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-12-24] Accepted zabbix 1:4.0.3+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-12-17] zabbix 1:4.0.2+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-12-06] Accepted zabbix 1:4.0.2+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-11-06] zabbix 1:4.0.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-11-01] Accepted zabbix 1:4.0.1+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-10-08] zabbix 1:4.0.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-10-03] Accepted zabbix 1:4.0.0+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-05-29] Accepted zabbix 1:3.0.17+dfsg-1~bpo9+1 (source amd64 all) into stretch-backports, stretch-backports (Dmitry Smirnov)
[2018-05-21] zabbix 1:3.0.17+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-05-14] Accepted zabbix 1:3.0.17+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2017-11-27] zabbix 1:3.0.12+dfsg-1 MIGRATED to testing (Debian testing watch)
[2017-11-15] zabbix REMOVED from testing (Debian testing watch)
[2017-10-29] Accepted zabbix 1:3.0.12+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2017-08-12] Accepted zabbix 1:2.2.7+dfsg-2+deb8u3 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
[2017-06-06] zabbix 1:3.0.7+dfsg-3 MIGRATED to testing (Debian testing watch)
[2017-06-04] Accepted zabbix 1:3.0.7+dfsg-3 (source amd64 all) into unstable (Dmitry Smirnov)
[2017-05-21] Accepted zabbix 1:3.0.7+dfsg-2 (source amd64 all) into unstable (Dmitry Smirnov)
[2017-03-09] Accepted zabbix 1:2.2.7+dfsg-2+deb8u2 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
[2017-01-16] Accepted zabbix 1:3.0.7+dfsg-1~bpo8+1 (source amd64 all) into jessie-backports (Dmitry Smirnov)
[2017-01-10] zabbix 1:3.0.7+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-12-31] Accepted zabbix 1:3.0.7+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2016-12-20] zabbix 1:3.0.6+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-12-10] Accepted zabbix 1:3.0.6+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)

bugs [bug history graph]

all: 13
RC: 0
I&N: 5
M&W: 8
F&P: 0
patch: 0

links

homepage
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:4.0.4+dfsg-1
69 bugs (1 patch)