Zabbix packages vulnerable to CVE-2021-27927

  • Done
  • quality assurance status badge
Details
4 participants
  • Leo Famulari
  • Léo Le Bouter
  • Ludovic Courtès
  • Mark H Weaver
Owner
unassigned
Submitted by
Mark H Weaver
Severity
normal
M
M
Mark H Weaver wrote on 14 Mar 2021 22:32
(address . bug-guix@gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
87ft0xs9oi.fsf@netris.org
I'm forwarding this to bug-guix@gnu.org so that it won't be forgotten.

Mark

-------------------- Start of forwarded message --------------------
Subject: Zabbix packages vulnerable to CVE-2021-27927
From: Léo Le Bouter <lle-bout@zaclys.net>
To: guix-devel@gnu.org
Date: Wed, 03 Mar 2021 21:08:54 +0100
Would be nice to update, it's a CSRF so not very high severity but
still.

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmA/7NYACgkQRaix6GvN
EKb/4BAAjvfkGDGmWsGDHX0GdnjLedyPi+sL454Ab0s+qArInZP9a9ef66S70DMk
PbMngbn6//BKG6DnQXWCDbnNpvvBC9MmoddswH+VDDMZStjmefRApbx85ANY5JCE
bRnj09VXtBjpcqZ2M4aTMmsKgspWlx6cbHlXY/tdgsayMWvL0IdzgGceG8cDj3bi
3szxIo8gioGyNlJWdg7WxdduGASRor8msI5de++bbZrXpIGVeq6MhQPzPbBNP4x7
fJiEFRcwVHzjTrLvJwqw3iMBZFYRLja++R8+AVhR49rIfjWYfPK2F/Nue6CUyHil
W/63J5kaV6JutirNhHszpOFgNrRKO1MPuJlhkJnLZM5QjCrIXIrVxLj7SY/iVaXe
hdof/x+Qln/y9QX1AUwxvIxlre0uS2xFnksEFU5iNwnrNG5mzmN3fnLs44IuHldI
K+3YeC6atL9hdTuwK3rhmLdTAsO4zMOi8+JoR8DgQMnmHrWQMryJCPxE1cLGwbKL
lUradyG+TKo+/9HScGy9UwxI7f+qYaDgs6dTo5LixYd5z9SMsxNLEWSnv2xNpst7
Q0P3m5cQscTr1oYf6B/P9mBG+fr0aU7b/kWwWAt2vXucPkSypgQxMBpHrPTdKawF
A09cDVASZJVqvemkrxvT7g2DcgSCC6wG0t28XIynCsX5W/JCj6Q=
=qs0r
-----END PGP SIGNATURE-----

-------------------- End of forwarded message --------------------
L
L
Ludovic Courtès wrote on 15 Mar 2021 14:43
control message for bug #47141
(address . control@debbugs.gnu.org)
87mtv4h6ry.fsf@gnu.org
tags 47141 + security
quit
L
L
Leo Famulari wrote on 24 Mar 2021 05:06
(no subject)
(address . control@debbugs.gnu.org)
YFq6wUqi070//Gk+@jasmine.lan
block 47297 with 47140
block 47297 with 47141
block 47297 with 47142
block 47297 with 47143
block 47297 with 47144
L
L
Léo Le Bouter wrote on 4 Apr 2021 02:40
Zabbix packages vulnerable to CVE-2021-27927
(address . 47141-done@debbugs.gnu.org)
45008b466d58f9ea78365ad64fd9000ae9fe0132.camel@zaclys.net
Fixed in dda88cda120d75f7d139e54367c0d76e574091dc
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmBpCv4ACgkQRaix6GvN
EKbmEw/+KP2Rq5vuf2v3nNStl4aqh7BO+6UJj/tIPNteOQGROrkbP2YeolA/XaF1
uo+3M8WbNZEiyPCqih3burHGBKh1oTWcwzTGe7fedPOyBn7caKleh/ryrR1ku2Mx
cywCjRHtnxf+fCEOr3LSidfz+EHCNiDxmFzMzdi5UqxPon6O+4Pke/bIJOugGhVH
9BvWh6h6Yp15kpO7cPlMHCD8tEu0QDsaKccsEoHU5ivewuU3toQYSsvdzJVjbDPS
31rau/irk55XgJmvWOffTCcYTTJ/q2kgmTPUBSiCH5P2VZ2ZJI9Kqmi0Xz68OK84
QgRDWJ9mOfLgc6tB1l2gGdRcCggbK1jZNvjUXWfVcasswwghuUnY8nQGVtF3JIyD
9jrIVbcXu+cwd1CvDodTMYQhA11UaDIIQYExh0z1q2T3XhKY7MSL2B48pSR32C2O
rui+AXooW1N739BLYNzb+dPJdyTgvVGyW8R2D8VMntLrlHwDyAtut1E7JwUOatEs
vyP+l+irL66n+to7YFPUqLYkJN7X+Euae80t5ykYvFP6KBaAt/QXJrDfOhsOYRZS
4oeo2jr986ChVA8JgxdvnwTmpM+fNl01OhctjZOzqri9mqChlA4Z5vJg75FVDDGk
g1c/LxYJ/AvQiVHU+Xinjz+nuxJ/y8pi/KCvviYc0Xi9P0/+aSE=
=jrIu
-----END PGP SIGNATURE-----


Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 47141@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 47141
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch