stable
FEDORA-EPEL-2022-92a697e332 created by orion 8 months ago for Fedora EPEL 7

Update to 4.0.37 (CVE-2022-23132, CVE-2022-23133, CVE-2022-23134)

This update has been submitted for testing by orion.

8 months ago

This update's test gating status has been changed to 'ignored'.

8 months ago

This update has been pushed to testing.

8 months ago

This update has been submitted for stable by bodhi.

8 months ago

FEDORA-EPEL-2022-92a697e332 ejected from the push because "Cannot find relevant tag for zabbix40-4.0.37-1.el7. None of ['epel7'] are in ['epel9-next-testing-candidate', 'epel7-testing-candidate', 'dist-5E-epel-testing-candidate', 'f27-modular-updates-candidate', 'f34-container-updates-candidate', 'eln-updates-candidate', 'f30-modular-updates-candidate', 'f28-modular-updates-candidate', 'f28-container-updates-candidate', 'f30-container-updates-candidate', 'epel8-testing-candidate', 'f30-flatpak-updates-candidate', 'f35-container-updates-candidate', 'f32-modular-updates-candidate', 'f29-modular-updates-candidate', 'f29-container-updates-candidate', 'f29-flatpak-updates-candidate', 'f22-updates-candidate', 'f21-updates-candidate', 'f25-updates-candidate', 'f24-updates-candidate', 'f23-updates-candidate', 'f26-updates-candidate', 'f31-modular-updates-candidate', 'dist-6E-epel-testing-candidate', 'f32-flatpak-updates-candidate', 'f35-flatpak-updates-candidate', 'f27-updates-candidate', 'f28-updates-candidate', 'f30-updates-candidate', 'f29-updates-candidate', 'el8-modular-updates-candidate', 'f32-updates-candidate', 'epel9-testing-candidate', 'f31-updates-candidate', 'f31-container-updates-candidate', 'f31-flatpak-updates-candidate', 'f34-updates-candidate', 'f34-modular-updates-candidate', 'f34-flatpak-updates-candidate', 'f36-container-updates-candidate', 'f32-container-updates-candidate', 'epel8-next-testing-candidate', 'f35-updates-candidate', 'f35-modular-updates-candidate', 'f33-updates-candidate', 'f36-updates-candidate', 'f33-modular-updates-candidate', 'f33-container-updates-candidate', 'f33-flatpak-updates-candidate']."

8 months ago

FEDORA-EPEL-2022-92a697e332 ejected from the push because "Cannot find relevant tag for zabbix40-4.0.37-1.el7. None of ['epel7', 'epel7-pending'] are in ['epel9-next-testing-candidate', 'epel7-testing-candidate', 'dist-5E-epel-testing-candidate', 'f27-modular-updates-candidate', 'f34-container-updates-candidate', 'eln-updates-candidate', 'f30-modular-updates-candidate', 'f28-modular-updates-candidate', 'f28-container-updates-candidate', 'f30-container-updates-candidate', 'epel8-testing-candidate', 'f30-flatpak-updates-candidate', 'f35-container-updates-candidate', 'f32-modular-updates-candidate', 'f29-modular-updates-candidate', 'f29-container-updates-candidate', 'f29-flatpak-updates-candidate', 'f22-updates-candidate', 'f21-updates-candidate', 'f25-updates-candidate', 'f24-updates-candidate', 'f23-updates-candidate', 'f26-updates-candidate', 'f31-modular-updates-candidate', 'dist-6E-epel-testing-candidate', 'f32-flatpak-updates-candidate', 'f35-flatpak-updates-candidate', 'f27-updates-candidate', 'f28-updates-candidate', 'f30-updates-candidate', 'f29-updates-candidate', 'el8-modular-updates-candidate', 'f32-updates-candidate', 'epel9-testing-candidate', 'f31-updates-candidate', 'f31-container-updates-candidate', 'f31-flatpak-updates-candidate', 'f34-updates-candidate', 'f34-modular-updates-candidate', 'f34-flatpak-updates-candidate', 'f36-container-updates-candidate', 'f32-container-updates-candidate', 'epel8-next-testing-candidate', 'f35-updates-candidate', 'f35-modular-updates-candidate', 'f33-updates-candidate', 'f36-updates-candidate', 'f33-modular-updates-candidate', 'f33-container-updates-candidate', 'f33-flatpak-updates-candidate']."

8 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
2
Stable by Time
7 days
Dates
submitted
8 months ago
in testing
8 months ago
in stable
8 months ago
BZ#2040747 CVE-2022-23134 zabbix40: zabbix: Possible view of the setup pages by unauthenticated users if config file already exists [epel-all]
0
0
BZ#2040749 CVE-2022-23131 zabbix: Unsafe client-side session storage leading to authentication bypass / instance takeover via Zabbix Frontend with configured SAML
0
0
BZ#2040751 CVE-2022-23131 zabbix40: zabbix: Unsafe client-side session storage leading to authentication bypass / instance takeover via Zabbix Frontend with configured SAML [epel-all]
0
0
BZ#2040756 CVE-2022-23132 zabbix40: zabbix: Incorrect permissions of [/var/run/zabbix] forces dac_override [epel-all]
0
0
BZ#2040760 CVE-2022-23133 zabbix40: zabbix: Stored XSS in host groups configuration window in Zabbix Frontend [epel-all]
0
0

Automated Test Results