Описание
Security update for zabbix
This update for zabbix fixes the following issues:
Updated to version 3.0.31.
- CVE-2020-15803: Fixed an XSS in the URL Widget (boo#1174253).
Список пакетов
SUSE Package Hub 15 SP1
zabbix-agent-3.0.31-bp152.2.3.1
zabbix-bash-completion-3.0.31-bp152.2.3.1
zabbix-java-gateway-3.0.31-bp152.2.3.1
zabbix-phpfrontend-3.0.31-bp152.2.3.1
zabbix-proxy-3.0.31-bp152.2.3.1
zabbix-proxy-mysql-3.0.31-bp152.2.3.1
zabbix-proxy-postgresql-3.0.31-bp152.2.3.1
zabbix-proxy-sqlite-3.0.31-bp152.2.3.1
zabbix-server-3.0.31-bp152.2.3.1
zabbix-server-mysql-3.0.31-bp152.2.3.1
zabbix-server-postgresql-3.0.31-bp152.2.3.1
zabbix-server-sqlite-3.0.31-bp152.2.3.1
SUSE Package Hub 15 SP2
zabbix-agent-3.0.31-bp152.2.3.1
zabbix-bash-completion-3.0.31-bp152.2.3.1
zabbix-java-gateway-3.0.31-bp152.2.3.1
zabbix-phpfrontend-3.0.31-bp152.2.3.1
zabbix-proxy-3.0.31-bp152.2.3.1
zabbix-proxy-mysql-3.0.31-bp152.2.3.1
zabbix-proxy-postgresql-3.0.31-bp152.2.3.1
zabbix-proxy-sqlite-3.0.31-bp152.2.3.1
zabbix-server-3.0.31-bp152.2.3.1
zabbix-server-mysql-3.0.31-bp152.2.3.1
zabbix-server-postgresql-3.0.31-bp152.2.3.1
zabbix-server-sqlite-3.0.31-bp152.2.3.1
openSUSE Leap 15.1
zabbix-agent-3.0.31-bp152.2.3.1
zabbix-bash-completion-3.0.31-bp152.2.3.1
zabbix-java-gateway-3.0.31-bp152.2.3.1
zabbix-phpfrontend-3.0.31-bp152.2.3.1
zabbix-proxy-3.0.31-bp152.2.3.1
zabbix-proxy-mysql-3.0.31-bp152.2.3.1
zabbix-proxy-postgresql-3.0.31-bp152.2.3.1
zabbix-proxy-sqlite-3.0.31-bp152.2.3.1
zabbix-server-3.0.31-bp152.2.3.1
zabbix-server-mysql-3.0.31-bp152.2.3.1
zabbix-server-postgresql-3.0.31-bp152.2.3.1
zabbix-server-sqlite-3.0.31-bp152.2.3.1
openSUSE Leap 15.2
zabbix-agent-3.0.31-bp152.2.3.1
zabbix-bash-completion-3.0.31-bp152.2.3.1
zabbix-java-gateway-3.0.31-bp152.2.3.1
zabbix-phpfrontend-3.0.31-bp152.2.3.1
zabbix-proxy-3.0.31-bp152.2.3.1
zabbix-proxy-mysql-3.0.31-bp152.2.3.1
zabbix-proxy-postgresql-3.0.31-bp152.2.3.1
zabbix-proxy-sqlite-3.0.31-bp152.2.3.1
zabbix-server-3.0.31-bp152.2.3.1
zabbix-server-mysql-3.0.31-bp152.2.3.1
zabbix-server-postgresql-3.0.31-bp152.2.3.1
zabbix-server-sqlite-3.0.31-bp152.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2020:1604-1
- SUSE Security Ratings
- SUSE Bug 1174253
- SUSE CVE CVE-2020-11800 page
- SUSE CVE CVE-2020-15803 page
Описание
Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.
Затронутые продукты
SUSE Package Hub 15 SP1:zabbix-agent-3.0.31-bp152.2.3.1
SUSE Package Hub 15 SP1:zabbix-bash-completion-3.0.31-bp152.2.3.1
SUSE Package Hub 15 SP1:zabbix-java-gateway-3.0.31-bp152.2.3.1
SUSE Package Hub 15 SP1:zabbix-phpfrontend-3.0.31-bp152.2.3.1
Ссылки
- CVE-2020-11800
- SUSE Bug 1177467
Описание
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
Затронутые продукты
SUSE Package Hub 15 SP1:zabbix-agent-3.0.31-bp152.2.3.1
SUSE Package Hub 15 SP1:zabbix-bash-completion-3.0.31-bp152.2.3.1
SUSE Package Hub 15 SP1:zabbix-java-gateway-3.0.31-bp152.2.3.1
SUSE Package Hub 15 SP1:zabbix-phpfrontend-3.0.31-bp152.2.3.1
Ссылки
- CVE-2020-15803
- SUSE Bug 1174253