Bug#652664: marked as done (CVE-2011-4615)

Fri, 27 Jan 2012 15:09:27 -0800 

Your message dated Fri, 27 Jan 2012 23:04:50 +0000
with message-id <e1rquqg-0006mq...@franck.debian.org>
and subject line Bug#652664: fixed in zabbix 1:1.8.10-1
has caused the Debian Bug report #652664,
regarding CVE-2011-4615
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
652664: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652664
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: zabbix
Severity: grave
Tags: security

Hi,
a new Zabbix issue was reported. This is CVE-2011-4615:

http://www.zabbix.com/rn1.8.10rc1.php
https://support.zabbix.com/browse/ZBX-4015
https://bugzilla.redhat.com/show_bug.cgi?id=768525

Any update on the security update we discussed a few weeks ago?

Cheers,
        Moritz

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---
--- Begin Message --- 
Source: zabbix
Source-Version: 1:1.8.10-1

We believe that the bug you reported is fixed in the latest version of
zabbix, which is due to be installed in the Debian FTP archive:

zabbix-agent_1.8.10-1_amd64.deb
  to main/z/zabbix/zabbix-agent_1.8.10-1_amd64.deb
zabbix-frontend-php_1.8.10-1_all.deb
  to main/z/zabbix/zabbix-frontend-php_1.8.10-1_all.deb
zabbix-proxy-mysql_1.8.10-1_amd64.deb
  to main/z/zabbix/zabbix-proxy-mysql_1.8.10-1_amd64.deb
zabbix-proxy-pgsql_1.8.10-1_amd64.deb
  to main/z/zabbix/zabbix-proxy-pgsql_1.8.10-1_amd64.deb
zabbix-proxy-sqlite3_1.8.10-1_amd64.deb
  to main/z/zabbix/zabbix-proxy-sqlite3_1.8.10-1_amd64.deb
zabbix-server-mysql_1.8.10-1_amd64.deb
  to main/z/zabbix/zabbix-server-mysql_1.8.10-1_amd64.deb
zabbix-server-pgsql_1.8.10-1_amd64.deb
  to main/z/zabbix/zabbix-server-pgsql_1.8.10-1_amd64.deb
zabbix_1.8.10-1.debian.tar.gz
  to main/z/zabbix/zabbix_1.8.10-1.debian.tar.gz
zabbix_1.8.10-1.dsc
  to main/z/zabbix/zabbix_1.8.10-1.dsc
zabbix_1.8.10.orig.tar.gz
  to main/z/zabbix/zabbix_1.8.10.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 652...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christoph Haas <h...@debian.org> (supplier of updated zabbix package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 02 Jan 2012 23:00:43 +0100
Source: zabbix
Binary: zabbix-agent zabbix-server-mysql zabbix-server-pgsql 
zabbix-frontend-php zabbix-proxy-pgsql zabbix-proxy-mysql zabbix-proxy-sqlite3
Architecture: source amd64 all
Version: 1:1.8.10-1
Distribution: unstable
Urgency: low
Maintainer: Christoph Haas <h...@debian.org>
Changed-By: Christoph Haas <h...@debian.org>
Description: 
 zabbix-agent - network monitoring solution - agent
 zabbix-frontend-php - network monitoring solution - PHP front-end
 zabbix-proxy-mysql - network monitoring solution - proxy (using MySQL)
 zabbix-proxy-pgsql - network monitoring solution - proxy (using PostgreSQL)
 zabbix-proxy-sqlite3 - network monitoring solution - proxy (using SQLite3)
 zabbix-server-mysql - network monitoring solution - server (using MySQL)
 zabbix-server-pgsql - network monitoring solution - server (using PostgreSQL)
Closes: 647458 652664 652723 652880 652923 653210 655488 656774 657193
Changes: 
 zabbix (1:1.8.10-1) unstable; urgency=low
 .
   * New upstream release (resolves security bug
     CVE-2011-5027 mentioned in #652664).
   * Fixed typo in synopsis (closes: #652723)
   * Updated pt_BR.po template (closes: #652880)
   * Updated pt.po template (closes: #652923)
   * Updated ru.po template (closes: #653210)
   * Fixed FTBFS (closes: #655488)
   * Checking more thoroughly for an installed Apache in
     zabbix-frontend-php.postinst to make sure the script does not fail if
     other 'httpd' than Apache are installed (closes: #647458)
   * Fixed XSS security issue (closes: #657193)
   * Fixed XSS security issue (closes: #652664)
   * Enabled hardened build flags (closes: #656774)
Checksums-Sha1: 
 7b696eef0e77a7a134a0e6c7956f546448079171 1854 zabbix_1.8.10-1.dsc
 3d36413b9bd04da66775e9255243242d205a7e9c 4217417 zabbix_1.8.10.orig.tar.gz
 68465005deb16ab85c6bf6008ff2e595f8587cb3 51673 zabbix_1.8.10-1.debian.tar.gz
 cf30f4d6c20445baae5f7f15cda66f4f91b02a61 310866 zabbix-agent_1.8.10-1_amd64.deb
 e00655434050b9099d709b79fbbade59e3488fca 697644 
zabbix-server-mysql_1.8.10-1_amd64.deb
 1cc5cb14b714d152e16212d9fa2f2afdf70ac4bd 700922 
zabbix-server-pgsql_1.8.10-1_amd64.deb
 0a204396a02437c0b2828f87f0fe62ccb9ab00cb 377846 
zabbix-proxy-pgsql_1.8.10-1_amd64.deb
 ec50f3ca191ca77147ea2e2ac4ccef8f822b992b 376220 
zabbix-proxy-mysql_1.8.10-1_amd64.deb
 04a12b9ac006f53223da9edec56094d9c8c5ef1c 503884 
zabbix-proxy-sqlite3_1.8.10-1_amd64.deb
 b06a6652339f7558984cf5c6708907875eeb73b9 1961078 
zabbix-frontend-php_1.8.10-1_all.deb
Checksums-Sha256: 
 4e7a8337442be954338d62e4853eb0628c4f88ebf765e7549ebb643b2d511672 1854 
zabbix_1.8.10-1.dsc
 d965d23f2ce8c7ddee7a1532863a208fae28958e3fc0871e0229ffa06f88a54b 4217417 
zabbix_1.8.10.orig.tar.gz
 cafff9b2ae06ae9b9166b62f3107b0df04ce03f8d8c02fed360e89d00a9e29d1 51673 
zabbix_1.8.10-1.debian.tar.gz
 774537f29aee079776830d80698544a2bb615ff6cde5a6ecad9142ead670f6f4 310866 
zabbix-agent_1.8.10-1_amd64.deb
 00b93146e5b6f28b92587597747fa34c86f46bb52dbc57c7019ec8c76895d1de 697644 
zabbix-server-mysql_1.8.10-1_amd64.deb
 40c2536265fc0d57c2c0e591b55a89b6293e175f8c4f672ff66b3105d38d9214 700922 
zabbix-server-pgsql_1.8.10-1_amd64.deb
 af18e5f66d32be33e78a7dbfb8571857ed2e4dfb92bba6da8b2be19e1a938ed7 377846 
zabbix-proxy-pgsql_1.8.10-1_amd64.deb
 c5e7326fd006e993f90f58fd44864eeea796bba912ec59924c80fec5bffd3018 376220 
zabbix-proxy-mysql_1.8.10-1_amd64.deb
 8a142953319e0945aa13d1b1b9c6876180efb38832112d611443c47f24eb6d42 503884 
zabbix-proxy-sqlite3_1.8.10-1_amd64.deb
 7a1d77e985284582a601f6c2ea5d937a7712c16207d0a931f3a79f34dc8f7627 1961078 
zabbix-frontend-php_1.8.10-1_all.deb
Files: 
 bf3932a3d047a197af7f68500b2d39f1 1854 net optional zabbix_1.8.10-1.dsc
 7e89f80c1822787c0831f7c0dbefcd7b 4217417 net optional zabbix_1.8.10.orig.tar.gz
 9d2b919dcd3c6f39b91d4981951dfa1e 51673 net optional 
zabbix_1.8.10-1.debian.tar.gz
 fb34181490b9fa8476d4827ccfe543a8 310866 net optional 
zabbix-agent_1.8.10-1_amd64.deb
 6865e5e7a5708fdaeb416e8cb50bc760 697644 net optional 
zabbix-server-mysql_1.8.10-1_amd64.deb
 23460d25f5c94cb234469c272f088738 700922 net optional 
zabbix-server-pgsql_1.8.10-1_amd64.deb
 975585d56b485654d958cc59552396e0 377846 net optional 
zabbix-proxy-pgsql_1.8.10-1_amd64.deb
 01b73477fcd2ae8401f37269d845c728 376220 net optional 
zabbix-proxy-mysql_1.8.10-1_amd64.deb
 3d6c62bba0282c9d3d6a3967c5c127fd 503884 net optional 
zabbix-proxy-sqlite3_1.8.10-1_amd64.deb
 8644d843695421d249ecfebb0bdfedb9 1961078 net optional 
zabbix-frontend-php_1.8.10-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk8jKGYACgkQCV53xXnMZYYe6QCgskawaFZEwVcnpOn7WNuxkluw
vY8AoKVrLa2NP0gfvvQvGuuj3U4xJcwi
=06sN
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to