GNU bug report logs - #47141
Zabbix packages vulnerable to CVE-2021-27927

Previous Next

Package: guix;

Reported by: Mark H Weaver <mhw <at> netris.org>

Date: Sun, 14 Mar 2021 21:34:02 UTC

Severity: normal

Tags: security

Done: Léo Le Bouter <lle-bout <at> zaclys.net>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 47141 in the body.
You can then email your comments to 47141 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-guix <at> gnu.org:
bug#47141; Package guix. (Sun, 14 Mar 2021 21:34:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to Mark H Weaver <mhw <at> netris.org>:
New bug report received and forwarded. Copy sent to bug-guix <at> gnu.org. (Sun, 14 Mar 2021 21:34:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Mark H Weaver <mhw <at> netris.org>
To: bug-guix <at> gnu.org
Cc: Léo Le Bouter <lle-bout <at> zaclys.net>
Subject: Zabbix packages vulnerable to CVE-2021-27927
Date: Sun, 14 Mar 2021 17:32:18 -0400

[Message part 1 (text/plain, inline)]
I'm forwarding this to bug-guix <at> gnu.org so that it won't be forgotten.

      Mark

-------------------- Start of forwarded message --------------------
Subject: Zabbix packages vulnerable to CVE-2021-27927
From: Léo Le Bouter <lle-bout <at> zaclys.net>
To: guix-devel <at> gnu.org
Date: Wed, 03 Mar 2021 21:08:54 +0100


[Message part 2 (text/plain, inline)]
Would be nice to update, it's a CSRF so not very high severity but
still.

See https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27927

[signature.asc (application/pgp-signature, inline)]
[Message part 4 (text/plain, inline)]
-------------------- End of forwarded message --------------------
Added tag(s) security. Request was from Ludovic Courtès <ludo <at> gnu.org> to control <at> debbugs.gnu.org. (Mon, 15 Mar 2021 13:44:03 GMT) Full text and rfc822 format available.
Added indication that bug 47141 blocks47297 Request was from Leo Famulari <leo <at> famulari.name> to control <at> debbugs.gnu.org. (Wed, 24 Mar 2021 04:07:02 GMT) Full text and rfc822 format available.
Reply sent to Léo Le Bouter <lle-bout <at> zaclys.net>:
You have taken responsibility. (Sun, 04 Apr 2021 00:41:02 GMT) Full text and rfc822 format available.
Notification sent to Mark H Weaver <mhw <at> netris.org>:
bug acknowledged by developer. (Sun, 04 Apr 2021 00:41:02 GMT) Full text and rfc822 format available.

Message #14 received at 47141-done <at> debbugs.gnu.org (full text, mbox):

From: Léo Le Bouter <lle-bout <at> zaclys.net>
To: 47141-done <at> debbugs.gnu.org
Subject: Zabbix packages vulnerable to CVE-2021-27927
Date: Sun, 04 Apr 2021 02:40:30 +0200

[Message part 1 (text/plain, inline)]
Fixed in dda88cda120d75f7d139e54367c0d76e574091dc

[signature.asc (application/pgp-signature, inline)]
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Sun, 02 May 2021 11:24:04 GMT) Full text and rfc822 format available.
This bug report was last modified 2 years and 358 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.