zabbix - Debian Package Tracker

general

source: zabbix (main)
version: 1:5.0.17+dfsg-1
maintainer: Dmitry Smirnov (DMD)
uploaders: Christoph Haas [DMD]
arch: all any
std-ver: 4.6.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1:3.0.7+dfsg-3
o-o-sec: 1:3.0.32+dfsg-0+deb9u3
o-o-bpo: 1:4.0.3+dfsg-2~bpo9+1
oldstable: 1:4.0.4+dfsg-1
old-bpo: 1:5.0.8+dfsg-1~bpo10+1
stable: 1:5.0.8+dfsg-1
stable-bpo: 1:5.0.17+dfsg-1~bpo11+1
testing: 1:5.0.17+dfsg-1
unstable: 1:5.0.17+dfsg-1
exp: 1:6.0.3+dfsg-1

versioned links

1:3.0.7+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:3.0.32+dfsg-0+deb9u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:4.0.3+dfsg-2~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:4.0.4+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:5.0.8+dfsg-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:5.0.8+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:5.0.17+dfsg-1~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:5.0.17+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:6.0.3+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

zabbix-agent (3 bugs: 0, 1, 2, 0)
zabbix-frontend-php (3 bugs: 0, 2, 1, 0)
zabbix-java-gateway
zabbix-proxy-mysql (1 bugs: 0, 0, 1, 0)
zabbix-proxy-pgsql
zabbix-proxy-sqlite3
zabbix-server-mysql (2 bugs: 0, 0, 2, 0)
zabbix-server-pgsql

action needed

A new upstream version is available: 5.0.23 high

A new upstream version 5.0.23 is available, you should consider packaging it.

Created: 2021-12-01 Last update: 2022-05-19 09:36

4 security issues in stretch high

There are 4 open security issues in stretch.

1 important issue:

CVE-2021-46088: Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user.

1 issue postponed or untriaged:

CVE-2013-7484: (needs triaging) Zabbix before 5.0 represents passwords in the users table with unsalted MD5.

2 ignored issues:

CVE-2017-2826: An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.
CVE-2019-17382: An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.

Created: 2022-02-14 Last update: 2022-04-12 15:07

9 security issues in sid high

There are 9 open security issues in sid.

9 important issues:

CVE-2021-46088: Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user.
CVE-2022-23131: In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default).
CVE-2022-23132: During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
CVE-2022-23133: An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.
CVE-2022-23134: After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
CVE-2022-24349: An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel.
CVE-2022-24917: An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.
CVE-2022-24918: An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.
CVE-2022-24919: An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.

Created: 2022-01-15 Last update: 2022-04-12 15:07

14 security issues in buster high

There are 14 open security issues in buster.

9 important issues:

CVE-2021-46088: Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user.
CVE-2022-23131: In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default).
CVE-2022-23132: During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
CVE-2022-23133: An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.
CVE-2022-23134: After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
CVE-2022-24349: An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel.
CVE-2022-24917: An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.
CVE-2022-24918: An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.
CVE-2022-24919: An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.

5 issues left for the package maintainer to handle:

CVE-2013-7484: (needs triaging) Zabbix before 5.0 represents passwords in the users table with unsalted MD5.
CVE-2019-15132: (needs triaging) Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php.
CVE-2019-17382: (needs triaging) An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.
CVE-2020-15803: (needs triaging) Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
CVE-2021-27927: (needs triaging) In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection mechanism. The code inside this controller calls diableSIDValidation inside the init() method. An attacker doesn't have to know Zabbix user login credentials, but has to know the correct Zabbix URL and contact information of an existing user with sufficient privileges.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2022-04-12 15:07

9 security issues in bullseye high

There are 9 open security issues in bullseye.

9 important issues:

CVE-2021-46088: Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user.
CVE-2022-23131: In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default).
CVE-2022-23132: During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
CVE-2022-23133: An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.
CVE-2022-23134: After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
CVE-2022-24349: An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel.
CVE-2022-24917: An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.
CVE-2022-24918: An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.
CVE-2022-24919: An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.

Created: 2022-01-15 Last update: 2022-04-12 15:07

9 security issues in bookworm high

There are 9 open security issues in bookworm.

9 important issues:

CVE-2021-46088: Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user.
CVE-2022-23131: In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default).
CVE-2022-23132: During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
CVE-2022-23133: An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.
CVE-2022-23134: After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
CVE-2022-24349: An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel.
CVE-2022-24917: An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.
CVE-2022-24918: An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.
CVE-2022-24919: An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.

Created: 2022-01-15 Last update: 2022-04-12 15:07

Depends on packages which need a new maintainer normal

The packages that zabbix depends on which need a new maintainer are:

dh-linktree (#980413)
- Build-Depends: dh-linktree
prototypejs (#863697)
- Build-Depends: libjs-prototype

Created: 2019-11-22 Last update: 2022-05-19 07:03

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1:6.0.3+dfsg-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 61ff69bcd5adeb176c1d792484a79f005513c11e
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Thu Apr 7 19:57:49 2022 +1000

    web_service: README and Recommends: chromium

commit 5b351fe46c03b72b85816a62cefc2593c4a065c7
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Thu Apr 7 15:58:30 2022 +1000

    rules: removed "--as-needed".

commit 90e7121037686acbc2e1b474ce3f8c9b20809527
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Thu Apr 7 01:11:54 2022 +1000

    Updated TODO

commit 02ddf17a5096d635b65853ed660e68b8a83e5ebc
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Thu Apr 7 01:11:15 2022 +1000

    Frontend might need "gettext"
    
    According to
      https://www.zabbix.com/documentation/6.0/en/manual/installation/requirements

commit b0de2fd7a0834a9b771dfe146943b11feefd3977
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Thu Apr 7 01:05:39 2022 +1000

    Added new READMEs

commit a5310fb23b2785977fd97a59a94f11926e967b7a
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Wed Apr 6 22:05:54 2022 +1000

    Enable binary packages "zabbix-agent2" and "zabbix-web-service".

commit c1a6076c8eae59d94c1f91157d4a55d3f0a9c7c5
Author: Dmitry Smirnov <onlyjob@member.fsf.org>
Date:   Wed Apr 6 22:04:17 2022 +1000

    corrected libjs dependencies

https://salsa.debian.org/api/v4/projects/debian%2Fzabbix/pipelines?scope=finished&per_page=1 API request failed: 403 Forbidden at /srv/qa.debian.org/data/vcswatch/vcswatch line 415.

Created: 2022-04-06 Last update: 2022-05-13 07:37

lintian reports 13 warnings normal

Lintian reports 13 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-01-01 Last update: 2022-01-01 04:35

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).

Created: 2022-05-11 Last update: 2022-05-11 23:24

news

[rss feed]

[2022-04-12] Accepted zabbix 1:3.0.32+dfsg-0+deb9u3 (source) into oldoldstable (Markus Koschany)
[2022-04-06] Accepted zabbix 1:6.0.3+dfsg-1 (source) into experimental (Dmitry Smirnov)
[2022-02-07] Accepted zabbix 1:3.0.32+dfsg-0+deb9u2 (source) into oldoldstable (Sylvain Beucler)
[2021-12-03] Accepted zabbix 1:5.0.17+dfsg-1~bpo11+1 (source) into bullseye-backports (Dmitry Smirnov)
[2021-11-24] zabbix 1:5.0.17+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-11-19] Accepted zabbix 1:5.0.17+dfsg-1 (source) into unstable (Dmitry Smirnov)
[2021-09-09] Accepted zabbix 1:5.0.14+dfsg-1~bpo11+1 (source amd64 all) into bullseye-backports, bullseye-backports (Debian FTP Masters) (signed by: Dmitry Smirnov)
[2021-09-01] zabbix 1:5.0.14+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-08-25] Accepted zabbix 1:5.0.14+dfsg-1 (source) into unstable (Dmitry Smirnov)
[2021-04-21] Accepted zabbix 1:3.0.32+dfsg-0+deb9u1 (source) into oldstable (Sylvain Beucler)
[2021-02-11] Accepted zabbix 1:5.0.8+dfsg-1~bpo10+1 (source) into buster-backports (Dmitry Smirnov)
[2021-02-06] zabbix 1:5.0.8+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-02-01] Accepted zabbix 1:5.0.8+dfsg-1 (source) into unstable (Dmitry Smirnov)
[2021-01-12] Accepted zabbix 1:5.0.7+dfsg-1~bpo10+1 (source) into buster-backports (Dmitry Smirnov)
[2021-01-12] zabbix 1:5.0.7+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-01-07] Accepted zabbix 1:5.0.7+dfsg-1 (source) into unstable (Dmitry Smirnov)
[2020-11-23] Accepted zabbix 1:5.0.5+dfsg-1~bpo10+1 (source) into buster-backports (Dmitry Smirnov)
[2020-11-21] Accepted zabbix 1:3.0.31+dfsg-0+deb9u1 (source) into oldstable (Sylvain Beucler)
[2020-11-05] zabbix 1:5.0.5+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-10-31] Accepted zabbix 1:5.0.5+dfsg-1 (source) into unstable (Dmitry Smirnov)
[2020-10-06] Accepted zabbix 1:5.0.4+dfsg-1~bpo10+1 (source) into buster-backports (Dmitry Smirnov)
[2020-10-06] zabbix 1:5.0.4+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-10-01] Accepted zabbix 1:5.0.4+dfsg-1 (source) into unstable (Dmitry Smirnov)
[2020-08-07] Accepted zabbix 1:5.0.2+dfsg-1~bpo10+1 (source) into buster-backports (Dmitry Smirnov)
[2020-08-03] Accepted zabbix 1:3.0.7+dfsg-3+deb9u1 (source amd64 all) into oldstable (Chris Lamb)
[2020-07-29] zabbix 1:5.0.2+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-07-24] Accepted zabbix 1:5.0.2+dfsg-1 (source) into unstable (Dmitry Smirnov)
[2020-06-02] Accepted zabbix 1:5.0.1+dfsg-1~bpo10+1 (source) into buster-backports (Dmitry Smirnov)
[2020-06-01] zabbix 1:5.0.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-05-26] Accepted zabbix 1:5.0.1+dfsg-1 (source) into unstable (Dmitry Smirnov)

bugs [bug history graph]

all: 11
RC: 0
I&N: 3
M&W: 8
F&P: 0
patch: 0

links

homepage
lintian (0, 13)
buildd: logs, exp, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
l10n (-, 60)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:5.0.17+dfsg-1
70 bugs (1 patch)