Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package zabbix for openSUSE:Factory checked 
in at 2022-07-26 19:43:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/zabbix (Old)
 and      /work/SRC/openSUSE:Factory/.zabbix.new.1533 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "zabbix"

Tue Jul 26 19:43:29 2022 rev:19 rq:990743 version:4.0.42

Changes:
--------
--- /work/SRC/openSUSE:Factory/zabbix/zabbix.changes    2022-03-17 
17:02:00.465708747 +0100
+++ /work/SRC/openSUSE:Factory/.zabbix.new.1533/zabbix.changes  2022-07-26 
19:43:52.492900018 +0200
@@ -1,0 +2,19 @@
+Fri Jul 22 23:14:21 UTC 2022 - Boris Manojlovic <bo...@steki.net>
+
+- add CVE-2022-35230 patch file CVE-2022-35230.patch 
+
+-------------------------------------------------------------------
+Fri Jul 22 22:44:34 UTC 2022 - Boris Manojlovic <bo...@steki.net>
+
+- updated to latest release 4.0.42
+- New Features and Improvements
+  + ZBXNEXT-7694 Added "utf8mb3" character set support for MySQL database
+  + ZBX-20946 Enabled Bulgarian, Chinese (zh_TW), German, Greek, Indonesian,
+    Romanian, Spanish and Vietnamese languages in frontend
+- Bug Fixes
+  + ZBX-21123 Fixed crash when VMware VC was not available at the first moment 
when starting zabbix_server
+  + ZBX-21137 Fixed VMware collector crash related to datastore state 
disconnected from all HVs
+  + ZBX-20600 Fixed vmware hv.datastore.latency item when multiple datastores 
with duplicate name
+  + ZBX-20844 Fixed external check becoming unsupported when Zabbix server or 
Zabbix proxy is stopped
+
+-------------------------------------------------------------------

Old:
----
  zabbix-4.0.39.tar.gz

New:
----
  CVE-2022-35230.patch
  zabbix-4.0.42.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ zabbix.spec ++++++
--- /var/tmp/diff_new_pack.WDNEus/_old  2022-07-26 19:43:53.156797429 +0200
+++ /var/tmp/diff_new_pack.WDNEus/_new  2022-07-26 19:43:53.160796811 +0200
@@ -23,7 +23,7 @@
 %define agent_group  zabbix
 %define SUSEfirewall_services_dir 
%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services
 Name:           zabbix
-Version:        4.0.39
+Version:        4.0.42
 Release:        0
 Summary:        Distributed monitoring system
 License:        GPL-2.0-or-later
@@ -47,6 +47,8 @@
 Source15:       README-SSL.SUSE
 # PATCH-FIX-UPSTREAM zabbix-3.0.25-new-m4-pgsql.patch fix for opensuse issue 
caused/solved by bnc#1120035
 Patch0:         zabbix-3.0.25-new-m4-pgsql.patch
+# PATCH-FIX-UPSTREAN  CVE-2022-35230.patch fix for CVE-2022-35230 
https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/3b47a97676ee9ca4e16566f1931c456459108eae
+Patch1:         CVE-2022-35230.patch
 BuildRequires:  apache-rpm-macros
 BuildRequires:  apache2-devel
 BuildRequires:  autoconf
@@ -242,6 +244,7 @@
 %prep
 %setup -q -n zabbix-%{version}
 %patch0
+%patch1
 
 cp %{SOURCE6} .
 # fix source & config files to respect adapted names

++++++ CVE-2022-35230.patch ++++++
Index: frontends/php/include/views/configuration.graph.edit.php
===================================================================
--- frontends/php/include/views/configuration.graph.edit.php.orig       
2022-06-28 08:59:47.000000000 +0200
+++ frontends/php/include/views/configuration.graph.edit.php    2022-07-23 
01:04:16.970847088 +0200
@@ -409,6 +409,10 @@ $items_table->addRow(
 );
 
 foreach ($this->data['items'] as $n => $item) {
+       if (!$item['itemid']) {
+               continue;
+       }
+
        $name = $item['host'].NAME_DELIMITER.$item['name_expanded'];
 
        if (zbx_empty($item['drawtype'])) {

++++++ zabbix-4.0.39.tar.gz -> zabbix-4.0.42.tar.gz ++++++
/work/SRC/openSUSE:Factory/zabbix/zabbix-4.0.39.tar.gz 
/work/SRC/openSUSE:Factory/.zabbix.new.1533/zabbix-4.0.42.tar.gz differ: char 
12, line 1

Reply via email to