From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-devel-bounces+larch=yhetil.org@gnu.org>
Received: from mp1 ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms11 with LMTPS
	id UG+iEejsP2BSQAAA0tVLHw
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 03 Mar 2021 20:09:12 +0000
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp1 with LMTPS
	id EKCDDejsP2BpQwAAbx9fmQ
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 03 Mar 2021 20:09:12 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id B879223EE6
	for <larch@yhetil.org>; Wed,  3 Mar 2021 21:09:11 +0100 (CET)
Received: from localhost ([::1]:54808 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	id 1lHXny-0003Ft-Sf
	for larch@yhetil.org; Wed, 03 Mar 2021 15:09:10 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:53370)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <lle-bout@zaclys.net>)
 id 1lHXno-0003FV-Vl
 for guix-devel@gnu.org; Wed, 03 Mar 2021 15:09:00 -0500
Received: from mail.zaclys.net ([178.33.93.72]:54169)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <lle-bout@zaclys.net>)
 id 1lHXnm-0006zJ-2d
 for guix-devel@gnu.org; Wed, 03 Mar 2021 15:09:00 -0500
Received: from guix-xps.local (82-64-145-38.subs.proxad.net [82.64.145.38])
 (authenticated bits=0)
 by mail.zaclys.net (8.14.7/8.14.7) with ESMTP id 123K8t5S048610
 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO)
 for <guix-devel@gnu.org>; Wed, 3 Mar 2021 21:08:55 +0100
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.zaclys.net 123K8t5S048610
Authentication-Results: mail.zaclys.net;
 spf=fail smtp.mailfrom=lle-bout@zaclys.net
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zaclys.net;
 s=default; t=1614802135;
 bh=LWm+V6F5M88U5OrY4CHkSa0eKJJYqZ1xqBsCistQKIw=;
 h=Subject:From:To:Date:From;
 b=ZOkLPjql3jIr8T7OY/2i057mMVyKclK9uhtLJ8FkgVhnmnT4bCB3awkhEIVz8EKz8
 Oj1K75+EEPJqV6iAWpqaG9kmZb9LHwT6MWRDAs4yp2EPvTwMmOrPlGgAeZNkL1xmkw
 UnaA1b1lmFLY+novVNza//mK4T94TD2D92g7UdDs=
Message-ID: <023956d907028d228057db658970dd5075440ad7.camel@zaclys.net>
Subject: Zabbix packages vulnerable to CVE-2021-27927
From: =?ISO-8859-1?Q?L=E9o?= Le Bouter <lle-bout@zaclys.net>
To: guix-devel@gnu.org
Date: Wed, 03 Mar 2021 21:08:54 +0100
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-wCm/qgnaYOCQLezI/ViD"
User-Agent: Evolution 3.34.2 
MIME-Version: 1.0
Received-SPF: pass client-ip=178.33.93.72; envelope-from=lle-bout@zaclys.net;
 helo=mail.zaclys.net
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: guix-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Development of GNU Guix and the GNU System distribution."
 <guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1614802151;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:list-id:list-help:list-unsubscribe:
	 list-subscribe:list-post:dkim-signature;
	bh=LWm+V6F5M88U5OrY4CHkSa0eKJJYqZ1xqBsCistQKIw=;
	b=fYq0ipi0fydF0AJHRDGpvFG4XCTp0EhuPWcOx3T9u48RtaF8zVUfH/AxPZgP3BR76PjYf1
	dr1rnCHLYBD6Y1b1AD9LJFG3cRLy8YrPCVuaHKEfAkvQySvpEH+/BIqORx+VD4uWOE28j/
	fhTCLSeHr5dHiQVLcGZg/xlGHKAbIRpOzpCht7g7cywPR7Y3efja2+It7LRXPU1FqFu5oH
	wLzuwZn1D/mdr7R9Mt8h361XTPdYzpnoXiTfO4GyIy9lgdqv1EePfqGjMCld7qKW2taWIs
	cNcertpwlgwKbUmq1ERd9sH3iZsPWIkri67SIsBKPar16Zqjg69IKaG0O4m8hQ==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1614802151; a=rsa-sha256; cv=none;
	b=qeRMY05mxwYDw7RgF/mw9zsbQjAU2jteNxuG5ZR8O8AifW+2J3bxbh8iHO8t0DbkaxsZoX
	PdRlo/28YaUCOZBkg2t2u7quMcg0qgt2TMWOyoRW0GaeLT3n4SD0shc/mJRujzKdfL8bl7
	ilgxkJHlp0L+ISB1/tFIKgEhePqLe/FFGt31D9iDfojU6n3VnL2jpMmjHXiIXs9PXcMZKZ
	ii0pq+QIrQUcB5d9GB6EYZD/LUw09vRXKBQWZYRQNV4KX8Y0pzeliESxqXBAIrG9Vr2iaB
	pjGCvItT6GgBJkICYwGwXLRZKrFKhFbXoqPRf1QxeOOSkWnWL85/GRUChOjJOw==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=zaclys.net header.s=default header.b=ZOkLPjql;
	dmarc=pass (policy=reject) header.from=zaclys.net;
	spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org
X-Migadu-Spam-Score: -5.16
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=zaclys.net header.s=default header.b=ZOkLPjql;
	dmarc=pass (policy=reject) header.from=zaclys.net;
	spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org
X-Migadu-Queue-Id: B879223EE6
X-Spam-Score: -5.16
X-Migadu-Scanner: scn1.migadu.com
X-TUID: Oewoowa8PD+/


--=-wCm/qgnaYOCQLezI/ViD
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Would be nice to update, it's a CSRF so not very high severity but
still.

See https://web.nvd.nist.gov/view/vuln/detail?vulnId=3DCVE-2021-27927

--=-wCm/qgnaYOCQLezI/ViD
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmA/7NYACgkQRaix6GvN
EKb/4BAAjvfkGDGmWsGDHX0GdnjLedyPi+sL454Ab0s+qArInZP9a9ef66S70DMk
PbMngbn6//BKG6DnQXWCDbnNpvvBC9MmoddswH+VDDMZStjmefRApbx85ANY5JCE
bRnj09VXtBjpcqZ2M4aTMmsKgspWlx6cbHlXY/tdgsayMWvL0IdzgGceG8cDj3bi
3szxIo8gioGyNlJWdg7WxdduGASRor8msI5de++bbZrXpIGVeq6MhQPzPbBNP4x7
fJiEFRcwVHzjTrLvJwqw3iMBZFYRLja++R8+AVhR49rIfjWYfPK2F/Nue6CUyHil
W/63J5kaV6JutirNhHszpOFgNrRKO1MPuJlhkJnLZM5QjCrIXIrVxLj7SY/iVaXe
hdof/x+Qln/y9QX1AUwxvIxlre0uS2xFnksEFU5iNwnrNG5mzmN3fnLs44IuHldI
K+3YeC6atL9hdTuwK3rhmLdTAsO4zMOi8+JoR8DgQMnmHrWQMryJCPxE1cLGwbKL
lUradyG+TKo+/9HScGy9UwxI7f+qYaDgs6dTo5LixYd5z9SMsxNLEWSnv2xNpst7
Q0P3m5cQscTr1oYf6B/P9mBG+fr0aU7b/kWwWAt2vXucPkSypgQxMBpHrPTdKawF
A09cDVASZJVqvemkrxvT7g2DcgSCC6wG0t28XIynCsX5W/JCj6Q=
=qs0r
-----END PGP SIGNATURE-----

--=-wCm/qgnaYOCQLezI/ViD--