zabbix-2.0.8-3.fc19 security update
|Date Submitted:||2013-10-03 20:30:48|
|Date Released:||2013-10-06 00:18:16|
- New upstream version 2.0.8
- Patch for CVE-2013-5743 (SQL injection vulnerability, ZBX-7091)
- Patch for ZBX-6922 (Failing host XML import)
- SQL speed-up patch for graphs (ZBX-6804)
- Require php-ldap and ZBX-6992 (Service SQL)
- Create and configure a spooling directory for fping files outside of /tmp
- Update README to reflect that and add a SELinux section
- Drop PrivateTmp from systemd unit files
This update solves a security issue involving the use of libcurl in the code used to access the eztexting service. It potentially allows for man-in-the-middle attacks. The issue was described as CVE-2012-6086.
Please refer to https://support.zabbix.com/browse/ZBX-5924 for details!Bugs Fixed983096 - Zabbix WEB doesn't work due to deprecated mysql_connect()bodhi - 2013-10-03 20:31:20This update has been submitted for testing by volter.
autoqa - 2013-10-03 20:44:09AutoQA: depcheck test PASSED on x86_64. Result log: http://autoqa.fedoraproject.org/report/13d7v (results are informative only)
autoqa - 2013-10-03 20:44:09AutoQA: depcheck test PASSED on i386. Result log: http://autoqa.fedoraproject.org/report/13d7u (results are informative only)
bodhi - 2013-10-05 15:04:13This update is currently being pushed to the Fedora 19 testing updates repository.
bodhi - 2013-10-06 01:28:47This update has been pushed to testing
Looks good.Anonymous Tester - 2013-10-06 11:11:21
bodhi - 2013-10-13 10:07:24This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2013-10-13 10:10:13This update has been submitted for stable by volter.
autoqa - 2013-10-13 10:16:28AutoQA: upgradepath test PASSED on noarch. Result log: http://autoqa.fedoraproject.org/report/13rov (results are informative only)
bodhi - 2013-10-13 21:21:16This update is currently being pushed to the Fedora 19 stable updates repository.
kruton - 2013-10-14 00:08:13
bodhi - 2013-10-14 07:06:35This update has been pushed to stable
bodhi - 2013-10-14 17:20:18This update has been pushed to stable