Your message dated Thu, 05 Mar 2026 20:32:20 +0000
with message-id <[email protected]>
and subject line Bug#1117448: fixed in zabbix 1:7.0.22+dfsg-1~deb13u1
has caused the Debian Bug report #1117448,
regarding zabbix: CVE-2025-49641 CVE-2025-27238 CVE-2025-27236 CVE-2025-27233 CVE-2025-27231
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1117448: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117448
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: zabbix
Version: 1:7.0.10+dfsg-2
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerabilities were published for zabbix.

CVE-2025-49641[0]:
| A regular Zabbix user with no permission to the Monitoring ->
| Problems view is still able to call the problem.view.refresh action
| and therefore still retrieve a list of active problems.


CVE-2025-27238[1]:
| Due to a bug in Zabbix API, the hostprototype.get method lists all
| host prototypes to users that do not have any user groups assigned
| to them.


CVE-2025-27236[2]:
| A regular Zabbix user can search other users in their user group via
| Zabbix API by select fields the user does not have access to view.
| This allows data-mining some field values the user does not have
| access to.


CVE-2025-27233[3]:
| Zabbix Agent 2 smartctl plugin does not properly sanitize
| smart.disk.get parameters, allowing an attacker to inject unexpected
| arguments into the smartctl command. This can be used to leak the
| NTLMv2 hash from a Windows system.


CVE-2025-27231[4]:
| The LDAP 'Bind password' value cannot be read after saving, but a
| Super Admin account can leak it by changing LDAP 'Host' to a rogue
| LDAP server. To mitigate this, the 'Bind password' value is now
| reset on 'Host' change.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-49641
    https://www.cve.org/CVERecord?id=CVE-2025-49641
[1] https://security-tracker.debian.org/tracker/CVE-2025-27238
    https://www.cve.org/CVERecord?id=CVE-2025-27238
[2] https://security-tracker.debian.org/tracker/CVE-2025-27236
    https://www.cve.org/CVERecord?id=CVE-2025-27236
[3] https://security-tracker.debian.org/tracker/CVE-2025-27233
    https://www.cve.org/CVERecord?id=CVE-2025-27233
[4] https://security-tracker.debian.org/tracker/CVE-2025-27231
    https://www.cve.org/CVERecord?id=CVE-2025-27231

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
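The CVE-2025-27233 entry above describes an argument-injection weakness: untrusted item parameters reach the smartctl command line and can be parsed as options. As an added example, not Zabbix's code nor its upstream fix, the hypothetical Go validator below shows the defensive shape for any agent plugin that shells out: parameters are matched against a strict allow-list (the patterns and type names here are assumptions), anything that could be read as a flag is rejected, and the argument vector is built with fixed options and a `--` separator so user input only ever occupies a positional slot.

```go
package main

import (
	"errors"
	"regexp"
	"strings"
)

// Allow-lists assumed for this example (not Zabbix's own rules): a device
// must be an absolute /dev path of safe characters, a type one of a few
// known smartctl device types.
var (
	devicePattern = regexp.MustCompile(`^/dev/[A-Za-z0-9_/.-]+$`)
	allowedTypes  = map[string]bool{"ata": true, "sat": true, "scsi": true, "nvme": true}
	errBadDevice  = errors.New("device parameter rejected")
	errBadType    = errors.New("device type parameter rejected")
)

// validateSmartParams rejects values that could be read as a smartctl
// option (leading '-'), that fall outside the allow-list, or that contain
// '..' path components. An empty type means "let smartctl autodetect".
func validateSmartParams(device, devType string) error {
	if strings.HasPrefix(device, "-") || strings.Contains(device, "..") ||
		!devicePattern.MatchString(device) {
		return errBadDevice
	}
	if devType != "" && !allowedTypes[devType] {
		return errBadType
	}
	return nil
}

// buildSmartctlArgs composes the argument vector with fixed options and puts
// "--" before the device, so even a value that slipped past validation sits
// in a positional slot and is never parsed as a flag.
func buildSmartctlArgs(device, devType string) ([]string, error) {
	if err := validateSmartParams(device, devType); err != nil {
		return nil, err
	}
	args := []string{"--json", "--all"}
	if devType != "" {
		args = append(args, "--device="+devType)
	}
	return append(args, "--", device), nil
}
```

The returned slice is meant for `exec.Command("smartctl", args...)`, which executes the binary directly with no shell, so there is no word splitting on top of the option parsing guarded here.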
--- Begin Message ---
Source: zabbix
Source-Version: 1:7.0.22+dfsg-1~deb13u1
Done: Bastien Roucariès <[email protected]>

We believe that the bug you reported is fixed in the latest version of
zabbix, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès <[email protected]> (supplier of updated zabbix package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


Format: 1.8
Date: Sun, 08 Feb 2026 14:49:50 +0100
Source: zabbix
Architecture: source
Version: 1:7.0.22+dfsg-1~deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Dmitry Smirnov <[email protected]>
Changed-By: Bastien Roucariès <[email protected]>
Closes: 1117448 1121841
Changes:
 zabbix (1:7.0.22+dfsg-1~deb13u1) trixie; urgency=medium
 .
   * Non Maintainer Upload by LTS Team
   * Upload to trixie (Closes: #1121841, #1117448)
     + Fix CVE-2025-49643 (fixed in 7.0.19)
     + Fix CVE-2025-49641 (fixed in 7.0.18)
     + Fix CVE-2025-27238 (fixed in 7.0.14)
     + Fix CVE-2025-27236 (fixed in 7.0.17)
     + Fix CVE-2025-27233 (fixed in 7.0.11)
     + Fix CVE-2025-27231 (fixed in 7.0.18)


--- End Message ---