Zabbix packages vulnerable to CVE-2021-27927

DoneSubmitted by Mark H Weaver.
Details
4 participants
  • Leo Famulari
  • Léo Le Bouter
  • Ludovic Courtès
  • Mark H Weaver
Owner
unassigned
Severity
normal
M
M
Mark H Weaver wrote on 14 Mar 2021 22:32
Download
(address . bug-guix@gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
87ft0xs9oi.fsf@netris.org
Download
I'm forwarding this to bug-guix@gnu.org so that it won't be forgotten.

Mark

-------------------- Start of forwarded message --------------------
Subject: Zabbix packages vulnerable to CVE-2021-27927
From: Léo Le Bouter <lle-bout@zaclys.net>
To: guix-devel@gnu.org
Date: Wed, 03 Mar 2021 21:08:54 +0100
Download
Would be nice to update, it's a CSRF so not very high severity but
still.

See https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27927
Download
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmA/7NYACgkQRaix6GvN
EKb/4BAAjvfkGDGmWsGDHX0GdnjLedyPi+sL454Ab0s+qArInZP9a9ef66S70DMk
PbMngbn6//BKG6DnQXWCDbnNpvvBC9MmoddswH+VDDMZStjmefRApbx85ANY5JCE
bRnj09VXtBjpcqZ2M4aTMmsKgspWlx6cbHlXY/tdgsayMWvL0IdzgGceG8cDj3bi
3szxIo8gioGyNlJWdg7WxdduGASRor8msI5de++bbZrXpIGVeq6MhQPzPbBNP4x7
fJiEFRcwVHzjTrLvJwqw3iMBZFYRLja++R8+AVhR49rIfjWYfPK2F/Nue6CUyHil
W/63J5kaV6JutirNhHszpOFgNrRKO1MPuJlhkJnLZM5QjCrIXIrVxLj7SY/iVaXe
hdof/x+Qln/y9QX1AUwxvIxlre0uS2xFnksEFU5iNwnrNG5mzmN3fnLs44IuHldI
K+3YeC6atL9hdTuwK3rhmLdTAsO4zMOi8+JoR8DgQMnmHrWQMryJCPxE1cLGwbKL
lUradyG+TKo+/9HScGy9UwxI7f+qYaDgs6dTo5LixYd5z9SMsxNLEWSnv2xNpst7
Q0P3m5cQscTr1oYf6B/P9mBG+fr0aU7b/kWwWAt2vXucPkSypgQxMBpHrPTdKawF
A09cDVASZJVqvemkrxvT7g2DcgSCC6wG0t28XIynCsX5W/JCj6Q=
=qs0r
-----END PGP SIGNATURE-----

Download
-------------------- End of forwarded message --------------------
L
L
Ludovic Courtès wrote on 15 Mar 2021 14:43
Download
control message for bug #47141
(address . control@debbugs.gnu.org)
87mtv4h6ry.fsf@gnu.org
Download
tags 47141 + security
quit
L
L
Leo Famulari wrote on 24 Mar 2021 05:06
Download
(no subject)
(address . control@debbugs.gnu.org)
YFq6wUqi070//Gk+@jasmine.lan
Download
block 47297 with 47140
block 47297 with 47141
block 47297 with 47142
block 47297 with 47143
block 47297 with 47144
L
L
Léo Le Bouter wrote on 4 Apr 2021 02:40
Download
Zabbix packages vulnerable to CVE-2021-27927
(address . 47141-done@debbugs.gnu.org)
45008b466d58f9ea78365ad64fd9000ae9fe0132.camel@zaclys.net
Download
Fixed in dda88cda120d75f7d139e54367c0d76e574091dc
Download
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmBpCv4ACgkQRaix6GvN
EKbmEw/+KP2Rq5vuf2v3nNStl4aqh7BO+6UJj/tIPNteOQGROrkbP2YeolA/XaF1
uo+3M8WbNZEiyPCqih3burHGBKh1oTWcwzTGe7fedPOyBn7caKleh/ryrR1ku2Mx
cywCjRHtnxf+fCEOr3LSidfz+EHCNiDxmFzMzdi5UqxPon6O+4Pke/bIJOugGhVH
9BvWh6h6Yp15kpO7cPlMHCD8tEu0QDsaKccsEoHU5ivewuU3toQYSsvdzJVjbDPS
31rau/irk55XgJmvWOffTCcYTTJ/q2kgmTPUBSiCH5P2VZ2ZJI9Kqmi0Xz68OK84
QgRDWJ9mOfLgc6tB1l2gGdRcCggbK1jZNvjUXWfVcasswwghuUnY8nQGVtF3JIyD
9jrIVbcXu+cwd1CvDodTMYQhA11UaDIIQYExh0z1q2T3XhKY7MSL2B48pSR32C2O
rui+AXooW1N739BLYNzb+dPJdyTgvVGyW8R2D8VMntLrlHwDyAtut1E7JwUOatEs
vyP+l+irL66n+to7YFPUqLYkJN7X+Euae80t5ykYvFP6KBaAt/QXJrDfOhsOYRZS
4oeo2jr986ChVA8JgxdvnwTmpM+fNl01OhctjZOzqri9mqChlA4Z5vJg75FVDDGk
g1c/LxYJ/AvQiVHU+Xinjz+nuxJ/y8pi/KCvviYc0Xi9P0/+aSE=
=jrIu
-----END PGP SIGNATURE-----


Closed
?
Your comment

This issue is archived.

To comment on this conversation send email to 47141@debbugs.gnu.org