CVE-2022-23131/zabbix: stretch not-affected

author: Sylvain Beucler <beuc@beuc.net> 2022-02-04 14:04:55 +0100
committer: Sylvain Beucler <beuc@beuc.net> 2022-02-04 14:05:24 +0100
commit: 41bc0304994ad24644552350ab8c0610e2c18d32 (patch)
tree: 1fbde0d2e774714bbeab91d9e37e59dcfb997c1d /data
parent: 3f71355b313bef79ef5230766c80a65ee21779f5 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 5c1f369598..319fd9afcb 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4498,9 +4498,10 @@ CVE-2022-23132 (During Zabbix installation from RPM, DAC_OVERRIDE SELinux capabi
 	NOTE: https://support.zabbix.com/browse/ZBX-20341
 	NOTE: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/019fbd9b5cc9c455304f1a48460435ca474ba2ac (5.0.18)
 CVE-2022-23131 (In the case of instances where the SAML SSO authentication is enabled  ...)
-	- zabbix <undetermined>
+	- zabbix <unfixed>
+	[stretch] - zabbix <not-affected> (SAML authentication support added in 5.0)
 	NOTE: https://support.zabbix.com/browse/ZBX-20350
-	TODO: check, possibly only affecting 5.4.0 onwards
+	TODO: check, possibly only affecting 5.4.0 onwards; similar code but no upstream fix in 5.0 LTS
 CVE-2022-23130 (Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versi ...)
 	NOT-FOR-US: Mitsubishi
 CVE-2022-23129 (Plaintext Storage of a Password vulnerability in Mitsubishi Electric M ...)
author	Sylvain Beucler <beuc@beuc.net>	2022-02-04 14:04:55 +0100
committer	Sylvain Beucler <beuc@beuc.net>	2022-02-04 14:05:24 +0100
commit	41bc0304994ad24644552350ab8c0610e2c18d32 (patch)
tree	1fbde0d2e774714bbeab91d9e37e59dcfb997c1d /data
parent	3f71355b313bef79ef5230766c80a65ee21779f5 (diff)