Debian Package Tracker

general

source: zabbix (main)
version: 1:4.0.4+dfsg-1
maintainer: Dmitry Smirnov [DMD]
uploaders: Christoph Haas [DMD]
arch: all any
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1:2.2.7+dfsg-2+deb8u3
old-sec: 1:2.2.23+dfsg-0+deb8u1
stable: 1:3.0.7+dfsg-3
stable-bpo: 1:4.0.3+dfsg-2~bpo9+1
testing: 1:4.0.4+dfsg-1
unstable: 1:4.0.4+dfsg-1

versioned links

1:2.2.7+dfsg-2+deb8u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.2.23+dfsg-0+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:3.0.7+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:4.0.3+dfsg-2~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:4.0.4+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

zabbix-agent
zabbix-frontend-php
zabbix-java-gateway
zabbix-proxy-mysql
zabbix-proxy-pgsql
zabbix-proxy-sqlite3
zabbix-server-mysql
zabbix-server-pgsql

action needed

A new upstream version is available: 4.2.1 high

A new upstream version 4.2.1 is available, you should consider packaging it.

Created: 2019-02-22 Last update: 2019-05-22 17:22

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2017-2826: An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.

Please fix it.

Created: 2018-04-19 Last update: 2019-03-12 00:12

Depends on packages which need a new maintainer normal

The packages that zabbix depends on which need a new maintainer are:

snmp-mibs-downloader (#878723)
- Suggests: snmp-mibs-downloader snmp-mibs-downloader
prototypejs (#863697)
- Build-Depends: libjs-prototype
lsb (#924519)
- Depends: lsb-base lsb-base lsb-base lsb-base lsb-base lsb-base lsb-base
apache2 (#910917)
- Recommends: apache2
- Build-Depends: apache2-dev

Created: 2017-12-02 Last update: 2019-05-22 18:03

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-09-11 Last update: 2019-05-22 17:24

3 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 5d699e409342953e40f92197b8aaf21c40152544
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Wed Feb 6 11:54:02 2019 +1100

    New upstream release + changelog summary

commit 430f23f7f017bbb652b32fa88c9a368f23008488
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Wed Feb 6 11:53:43 2019 +1100

    clean: remove CI files

commit 75434b9dcb7140d220abefc29510d088e9f1aa45
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Wed Feb 6 11:50:07 2019 +1100

    Standards-Version: 4.3.0

Created: 2019-02-06 Last update: 2019-05-22 07:11

lintian reports 13 warnings normal

Lintian reports 13 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-04-12 Last update: 2019-04-12 07:50

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2016-10742: Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.
CVE-2017-2826: An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.

Please fix them.

Created: 2018-04-13 Last update: 2019-03-12 00:12

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2017-2826: An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.

Please fix it.

Created: 2018-04-19 Last update: 2019-03-12 00:12

news

[rss feed]

[2019-03-11] Accepted zabbix 1:2.2.23+dfsg-0+deb8u1 (source amd64 all) into oldstable (Markus Koschany)
[2019-02-11] zabbix 1:4.0.4+dfsg-1 MIGRATED to testing (Debian testing watch)
[2019-02-06] Accepted zabbix 1:4.0.4+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2019-01-22] zabbix 1:4.0.3+dfsg-2 MIGRATED to testing (Debian testing watch)
[2019-01-22] Accepted zabbix 1:4.0.3+dfsg-2~bpo9+1 (source amd64 all) into stretch-backports (Dmitry Smirnov)
[2019-01-17] Accepted zabbix 1:4.0.3+dfsg-2 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-12-31] zabbix 1:4.0.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-12-24] Accepted zabbix 1:4.0.3+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-12-17] zabbix 1:4.0.2+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-12-06] Accepted zabbix 1:4.0.2+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-11-06] zabbix 1:4.0.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-11-01] Accepted zabbix 1:4.0.1+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-10-08] zabbix 1:4.0.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-10-03] Accepted zabbix 1:4.0.0+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2018-05-29] Accepted zabbix 1:3.0.17+dfsg-1~bpo9+1 (source amd64 all) into stretch-backports, stretch-backports (Dmitry Smirnov)
[2018-05-21] zabbix 1:3.0.17+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-05-14] Accepted zabbix 1:3.0.17+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2017-11-27] zabbix 1:3.0.12+dfsg-1 MIGRATED to testing (Debian testing watch)
[2017-11-15] zabbix REMOVED from testing (Debian testing watch)
[2017-10-29] Accepted zabbix 1:3.0.12+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2017-08-12] Accepted zabbix 1:2.2.7+dfsg-2+deb8u3 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Moritz Muehlenhoff) (signed by: Moritz Mühlenhoff)
[2017-06-06] zabbix 1:3.0.7+dfsg-3 MIGRATED to testing (Debian testing watch)
[2017-06-04] Accepted zabbix 1:3.0.7+dfsg-3 (source amd64 all) into unstable (Dmitry Smirnov)
[2017-05-21] Accepted zabbix 1:3.0.7+dfsg-2 (source amd64 all) into unstable (Dmitry Smirnov)
[2017-03-09] Accepted zabbix 1:2.2.7+dfsg-2+deb8u2 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
[2017-01-16] Accepted zabbix 1:3.0.7+dfsg-1~bpo8+1 (source amd64 all) into jessie-backports (Dmitry Smirnov)
[2017-01-10] zabbix 1:3.0.7+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-12-31] Accepted zabbix 1:3.0.7+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)
[2016-12-20] zabbix 1:3.0.6+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-12-10] Accepted zabbix 1:3.0.6+dfsg-1 (source amd64 all) into unstable (Dmitry Smirnov)

bugs [bug history graph]

all: 12
RC: 0
I&N: 5
M&W: 7
F&P: 0
patch: 0

links

homepage
lintian (0, 13)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:4.0.4+dfsg-1
69 bugs (1 patch)