Site Navigation:
security zabbix-2.0.8-3.fc19 security update
Status:stable
Release: Fedora 19
Update ID: FEDORA-2013-18351
Builds: zabbix-2.0.8-3.fc19 (logs)
Pushed: True
Date Submitted: 2013-10-03 20:30:48
Date Released: 2013-10-06 00:18:16
Submitter: volter
Karma: 1
Stable karma: 3
Unstable karma: -3
Details
  • New upstream version 2.0.8
  • Patch for CVE-2013-5743 (SQL injection vulnerability, ZBX-7091)
  • Patch for ZBX-6922 (Failing host XML import)
  • SQL speed-up patch for graphs (ZBX-6804)
  • Require php-ldap and ZBX-6992 (Service SQL)
  • Create and configure a spooling directory for fping files outside of /tmp
  • Update README to reflect that and add a SELinux section
  • Drop PrivateTmp from systemd unit files

This update solves a security issue involving the use of libcurl in the code used to access the eztexting service. It potentially allows for man-in-the-middle attacks. The issue was described as CVE-2012-6086.

Please refer to https://support.zabbix.com/browse/ZBX-5924 for details!

Bugs Fixed
983096 - Zabbix WEB doesn't work due to deprecated mysql_connect()
892687 - CVE-2012-6086: zabbix: Improper use of cURL API might lead to improper SSL certificate verification (MiTM) [fedora-all]
Feedback
bodhi - 2013-10-03 20:31:20
This update has been submitted for testing by volter.
autoqa - 2013-10-03 20:44:09
AutoQA: depcheck test PASSED on x86_64. Result log: http://autoqa.fedoraproject.org/report/13d7v (results are informative only)
autoqa - 2013-10-03 20:44:09
AutoQA: depcheck test PASSED on i386. Result log: http://autoqa.fedoraproject.org/report/13d7u (results are informative only)
bodhi - 2013-10-05 15:04:13
This update is currently being pushed to the Fedora 19 testing updates repository.
bodhi - 2013-10-06 01:28:47
This update has been pushed to testing
Anonymous Tester - 2013-10-06 11:11:21
Looks good.
bodhi - 2013-10-13 10:07:24
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2013-10-13 10:10:13
This update has been submitted for stable by volter.
autoqa - 2013-10-13 10:16:28
AutoQA: upgradepath test PASSED on noarch. Result log: http://autoqa.fedoraproject.org/report/13rov (results are informative only)
bodhi - 2013-10-13 21:21:16
This update is currently being pushed to the Fedora 19 stable updates repository.
kruton - 2013-10-14 00:08:13
bodhi - 2013-10-14 07:06:35
This update has been pushed to stable
bodhi - 2013-10-14 17:20:18
This update has been pushed to stable

Add a comment

Tip: Login to impact how quickly this update gets pushed or unpushed.
obfuscated letters