-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 16 Jun 2024 10:40:07 +0000 Source: zookeeper Binary: libzookeeper-mt-dev libzookeeper-mt2 libzookeeper-mt2-dbgsym libzookeeper-st-dev libzookeeper-st2 libzookeeper-st2-dbgsym python3-zookeeper python3-zookeeper-dbgsym zookeeper-bin zookeeper-bin-dbgsym Architecture: armhf Version: 3.8.0-11+deb12u2 Distribution: bookworm Urgency: medium Maintainer: arm Build Daemon (arm-conova-01) Changed-By: Bastien Roucariès Description: libzookeeper-mt-dev - Development files for multi threaded zookeeper C bindings libzookeeper-mt2 - Multi threaded C bindings for zookeeper libzookeeper-st-dev - Development files for single threaded zookeeper C bindings libzookeeper-st2 - Single threaded C bindings for zookeeper python3-zookeeper - Python bindings for zookeeper zookeeper-bin - Command line utilities for zookeeper Closes: 1066947 Changes: zookeeper (3.8.0-11+deb12u2) bookworm; urgency=medium . * Team upload * Bug fix: CVE-2024-23944 (Closes: #1066947): An information disclosure in persistent watchers handling was found in Apache ZooKeeper due to missing ACL check. It allows an attacker to monitor child znodes by attaching a persistent watcher (addWatch command) to a parent which the attacker has already access to. ZooKeeper server doesn't do ACL check when the persistent watcher is triggered and as a consequence, the full path of znodes that a watch event gets triggered upon is exposed to the owner of the watcher. It's important to note that only the path is exposed by this vulnerability, not the data of znode, but since znode path can contain sensitive information like user name or login ID, this issue is potentially critical. * Add salsa CI Checksums-Sha1: cb77aa699fdcaecadd0febed39c02b8f1dc52b51 70972 libzookeeper-mt-dev_3.8.0-11+deb12u2_armhf.deb 902ffba871be5d6740438028948d3f9958a30c1d 163380 libzookeeper-mt2-dbgsym_3.8.0-11+deb12u2_armhf.deb ddee7f2e0efc961d211829775fe1710b70c77467 43024 libzookeeper-mt2_3.8.0-11+deb12u2_armhf.deb 268b263bce688e17bd55188a94271b100e518185 66884 libzookeeper-st-dev_3.8.0-11+deb12u2_armhf.deb 9fbcf3b8b1a997ce904fe02700a4df2c87a7c857 147396 libzookeeper-st2-dbgsym_3.8.0-11+deb12u2_armhf.deb ed0273447fe40938d7a803c7dc25606917aed80d 39288 libzookeeper-st2_3.8.0-11+deb12u2_armhf.deb e8bcd4d3e606e5ac5321a69791112a3cc8c36da9 38272 python3-zookeeper-dbgsym_3.8.0-11+deb12u2_armhf.deb d981afd5db2382762b67a92935f974bd21211dee 22956 python3-zookeeper_3.8.0-11+deb12u2_armhf.deb 72a0b72a65838258be0a53640b421ceb7ca20505 36084 zookeeper-bin-dbgsym_3.8.0-11+deb12u2_armhf.deb 9940d392244f7d1a4b513bb257186a871d9d6607 20136 zookeeper-bin_3.8.0-11+deb12u2_armhf.deb 6d5490624365834c7eb165bb5ebc7e2744f048e0 23166 zookeeper_3.8.0-11+deb12u2_armhf-buildd.buildinfo Checksums-Sha256: d6b36d166473f120e007ba3cc1b65b06a973b7a71f5dae65f85c1b9ad44cecd0 70972 libzookeeper-mt-dev_3.8.0-11+deb12u2_armhf.deb 89d6d55c9f26b4abc1e6733b59d1a3ba286ad4d85426b51f39814e47cdec7a8f 163380 libzookeeper-mt2-dbgsym_3.8.0-11+deb12u2_armhf.deb ddc6ab093e1d20cc8bd3a3227ec4b6f911680e72de7d1f76acb21f1ea8d92b3b 43024 libzookeeper-mt2_3.8.0-11+deb12u2_armhf.deb 70ef17d97b92caf0bddc3beb2408142d0c568087ab261b9a5e02a9854ee68dc6 66884 libzookeeper-st-dev_3.8.0-11+deb12u2_armhf.deb bd7461cefa998f0efa73cc222b7850366f0b54aa88b248af19b0efb06ff344d2 147396 libzookeeper-st2-dbgsym_3.8.0-11+deb12u2_armhf.deb 1e2bfc578a12d86ea23b752ea4c983a117a51c52af2dd38d2f5e8a21b2fc316a 39288 libzookeeper-st2_3.8.0-11+deb12u2_armhf.deb a5e791ad976c4087a61a36e2afcc5429f681c360be19fcbc3e1688e654ee9e21 38272 python3-zookeeper-dbgsym_3.8.0-11+deb12u2_armhf.deb c20aca5ba0ad27b00ae7643da22c973837a2fe93a803995a59bf5d4fd22fdbbd 22956 python3-zookeeper_3.8.0-11+deb12u2_armhf.deb 4e4d4742b1e7176c425b3e9908f6d851df02fa02941aa2a7ebbef6a7aebbbd90 36084 zookeeper-bin-dbgsym_3.8.0-11+deb12u2_armhf.deb 6c28603b83860272c6a0c5142545d1cc3925db0b068a7d69ef0eb77be9d6970b 20136 zookeeper-bin_3.8.0-11+deb12u2_armhf.deb 347d11cd7951c488b5a749e9d2cd359f714a0f97542185548bc17384a01e0468 23166 zookeeper_3.8.0-11+deb12u2_armhf-buildd.buildinfo Files: b7f2ae65d872e267e4dd9fe59108757b 70972 libdevel optional libzookeeper-mt-dev_3.8.0-11+deb12u2_armhf.deb ed6d24089ce90071856340e892d112c2 163380 debug optional libzookeeper-mt2-dbgsym_3.8.0-11+deb12u2_armhf.deb e0dd3694e18dc9ecd0abfbb21b720c8e 43024 libs optional libzookeeper-mt2_3.8.0-11+deb12u2_armhf.deb 297b20a7dcf27689ee7a8acdf252a6e0 66884 libdevel optional libzookeeper-st-dev_3.8.0-11+deb12u2_armhf.deb c82623c90cbba784a267924f22fb881c 147396 debug optional libzookeeper-st2-dbgsym_3.8.0-11+deb12u2_armhf.deb c5485644fd6b94345b9b65c827d7fb84 39288 libs optional libzookeeper-st2_3.8.0-11+deb12u2_armhf.deb 1b4ac12cfa0770433e4b0f1ff4a616c9 38272 debug optional python3-zookeeper-dbgsym_3.8.0-11+deb12u2_armhf.deb 71e309da85db1f8fc923faad9c842ded 22956 python optional python3-zookeeper_3.8.0-11+deb12u2_armhf.deb b066c52b280e2d795e40d5328640bf73 36084 debug optional zookeeper-bin-dbgsym_3.8.0-11+deb12u2_armhf.deb 640245134e9666d50d3e6d32c351faed 20136 misc optional zookeeper-bin_3.8.0-11+deb12u2_armhf.deb 309ed68e7415132c49861e655327363c 23166 java optional zookeeper_3.8.0-11+deb12u2_armhf-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEegRwmIwj8f99iF4m4CwlMGxHD8UFAmdxj5YACgkQ4CwlMGxH D8UhghAAz/3xlEgKfWFMX6OLN+llPGeWKDWjKHZHb6a2raiXoTbIIOFue6C/bZCb qullNp5YuvYvJdo/XRNUEbyzpYA/kHBWqHBIJ/qI+ge1V6ipuFSQa6ED47cPcuJk QKhw7SI2K36a/BwwBtvzlajKe9xIlFdujYPUyYzndNi+wD5XntsV7jwHQ2Bxv5J4 6ByKFfBXG2arxay+R/hy5p4C/NNqOvdtTJfZzE0GfpZ7QRraINU7E7whR+Kc3XtD TuLmKI8H4XfFjIhfidarDCKW/j6X7JyP92px0udmJXKGI8hGqJrIR1a1HONHBc41 ulB44IIeKrV9Y/2W0/bsjAxLup1v+AyFmghJZ551mvKRFSwd6SFGEIMmngfKWu6h JMv/2rRFQbS2aXevYbHhlfjomaC7TfFuvZz++cI9SsSqZ6pU0LUCc0Y3ev6dHI++ A2b0sYwsKLYTu8M6rDqntwbEItfaxWSD/Q7xjQzR4f6mMmh0aV7pwZBPVuAj4hVQ A/4ofklI7zoJ415pUEBoChTuZRvACP8NuG2PvszGG0LEvPnxwRDwsiRjvq94ixwM 20N5ytYU+erZkUzNu9mRq0FMeWnVlPby4Xhnu+YcO+y9c71bFYTrYyZeqeHafx4T SQWX9KMcLHnSWX+kTVDyoqOvj/HosRLwe5sRv60E/cl2FYrMreg= =aXac -----END PGP SIGNATURE-----