-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 16 Jun 2024 10:40:07 +0000 Source: zookeeper Binary: libzookeeper-mt-dev libzookeeper-mt2 libzookeeper-mt2-dbgsym libzookeeper-st-dev libzookeeper-st2 libzookeeper-st2-dbgsym python3-zookeeper python3-zookeeper-dbgsym zookeeper-bin zookeeper-bin-dbgsym Architecture: i386 Version: 3.8.0-11+deb12u2 Distribution: bookworm Urgency: medium Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Bastien Roucariès Description: libzookeeper-mt-dev - Development files for multi threaded zookeeper C bindings libzookeeper-mt2 - Multi threaded C bindings for zookeeper libzookeeper-st-dev - Development files for single threaded zookeeper C bindings libzookeeper-st2 - Single threaded C bindings for zookeeper python3-zookeeper - Python bindings for zookeeper zookeeper-bin - Command line utilities for zookeeper Closes: 1066947 Changes: zookeeper (3.8.0-11+deb12u2) bookworm; urgency=medium . * Team upload * Bug fix: CVE-2024-23944 (Closes: #1066947): An information disclosure in persistent watchers handling was found in Apache ZooKeeper due to missing ACL check. It allows an attacker to monitor child znodes by attaching a persistent watcher (addWatch command) to a parent which the attacker has already access to. ZooKeeper server doesn't do ACL check when the persistent watcher is triggered and as a consequence, the full path of znodes that a watch event gets triggered upon is exposed to the owner of the watcher. It's important to note that only the path is exposed by this vulnerability, not the data of znode, but since znode path can contain sensitive information like user name or login ID, this issue is potentially critical. * Add salsa CI Checksums-Sha1: 53178e897c532bad302ed346c526d77a29d59bb3 85132 libzookeeper-mt-dev_3.8.0-11+deb12u2_i386.deb 3f81c6becaf16bdfec69bdc547d730afa74818b5 132580 libzookeeper-mt2-dbgsym_3.8.0-11+deb12u2_i386.deb 147f598b43b0262b520578d6ad8ecf3d61b2d277 57160 libzookeeper-mt2_3.8.0-11+deb12u2_i386.deb 4ffe25f998042858ac764239f8f81e707aa3dfc2 79452 libzookeeper-st-dev_3.8.0-11+deb12u2_i386.deb 371e80eb90167c64a55e323bccf51bfdc818e75e 122064 libzookeeper-st2-dbgsym_3.8.0-11+deb12u2_i386.deb 8aebf436f3a1178a474de4c354075a16ed3e1a89 51644 libzookeeper-st2_3.8.0-11+deb12u2_i386.deb 218e9b52e2de3b1987e178ee96be1620c2245a87 32136 python3-zookeeper-dbgsym_3.8.0-11+deb12u2_i386.deb 8443fd512031999e76f41145e30c7c30213cda31 24604 python3-zookeeper_3.8.0-11+deb12u2_i386.deb 9427fd8a0a21f16eca2292c2dbdf0e570fa79490 32332 zookeeper-bin-dbgsym_3.8.0-11+deb12u2_i386.deb 01d460e23e94fd88718e9b0e1f3ac5c8486099dc 21456 zookeeper-bin_3.8.0-11+deb12u2_i386.deb b8d75bf07496760ff5c15f7193e6ce079d2b179b 23267 zookeeper_3.8.0-11+deb12u2_i386-buildd.buildinfo Checksums-Sha256: fce4dfc3670985910f008cd43822d2f1b63d57059cffa9a466b8728af6c4ff2f 85132 libzookeeper-mt-dev_3.8.0-11+deb12u2_i386.deb 4a24fce58a77af5e64988f45ec8881f391df4eedfc1c1362d8cc9843410581e0 132580 libzookeeper-mt2-dbgsym_3.8.0-11+deb12u2_i386.deb 2dad4bc22a288c4f574c42951382cfdf6d204c8a73082937854431fa6bd955db 57160 libzookeeper-mt2_3.8.0-11+deb12u2_i386.deb 0a889ef935a214807de90abb5f3e3fe6b052d9190f83b2c28274fe4a1f170473 79452 libzookeeper-st-dev_3.8.0-11+deb12u2_i386.deb 57ff4669742d6536d2b7f73bf43b77d678ad23d26401abf0c7e3a1cd05239408 122064 libzookeeper-st2-dbgsym_3.8.0-11+deb12u2_i386.deb dfd9299b2e225c48c6394c74eee2c6f4c3bf0b8794e4f45eafd9d634440b16f7 51644 libzookeeper-st2_3.8.0-11+deb12u2_i386.deb 0191d92d9681f64e19c502e8ee73ef0cd5b9f52b3e3d8c388f4c807dfcbd197b 32136 python3-zookeeper-dbgsym_3.8.0-11+deb12u2_i386.deb 0db1a795f2ccb44557eb1b01ef7d9fce4c80e233c000816ce59870f4398d1261 24604 python3-zookeeper_3.8.0-11+deb12u2_i386.deb 271f4dc6147f64e6df08ee1f10e5976a5f4cb93e71c5609dd789d32e763d057d 32332 zookeeper-bin-dbgsym_3.8.0-11+deb12u2_i386.deb 28f577a93bf25f834b162900e2a265ff5b99cd366d1bc7b7ad5e53b49b593894 21456 zookeeper-bin_3.8.0-11+deb12u2_i386.deb 5789dad60645a4ee57b456766818ebf8eb99fd6039dc43624b42957a9b2acc68 23267 zookeeper_3.8.0-11+deb12u2_i386-buildd.buildinfo Files: 8e87efc601034533507a5e4d45b6dad3 85132 libdevel optional libzookeeper-mt-dev_3.8.0-11+deb12u2_i386.deb af99f089df942d2881e216d4124c9aac 132580 debug optional libzookeeper-mt2-dbgsym_3.8.0-11+deb12u2_i386.deb 0944ff0318b703bc2455ac4d4f7c29c5 57160 libs optional libzookeeper-mt2_3.8.0-11+deb12u2_i386.deb 509c6e9728dca097fca8b404fa8d4ddf 79452 libdevel optional libzookeeper-st-dev_3.8.0-11+deb12u2_i386.deb 787e0f43aef8dea2af43d16dbdcf8ac6 122064 debug optional libzookeeper-st2-dbgsym_3.8.0-11+deb12u2_i386.deb fd96694ec74fb793fe78a9ff5651c920 51644 libs optional libzookeeper-st2_3.8.0-11+deb12u2_i386.deb 3e1890f0d5a7ea54cd3d2edfb2cfbc79 32136 debug optional python3-zookeeper-dbgsym_3.8.0-11+deb12u2_i386.deb 999ac85f21d7c2b1b39ab105a72dc272 24604 python optional python3-zookeeper_3.8.0-11+deb12u2_i386.deb 27bed556cebdf0a86b1f58bfbc3cfdfd 32332 debug optional zookeeper-bin-dbgsym_3.8.0-11+deb12u2_i386.deb 6611b645b1bd6fa326000edc15541f14 21456 misc optional zookeeper-bin_3.8.0-11+deb12u2_i386.deb c9e1470816a814f68ab149039b93fdf5 23267 java optional zookeeper_3.8.0-11+deb12u2_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgdRoRGwEM09wlaMzOni7ZmUpKEcFAmdxjhQACgkQOni7ZmUp KEeBkQ/+ID1ui7FZSEjMRL/YCp2+27JB/3w/OKQwJTmz96gGKiIz4SVeAugoamTY qrIFnQspr72ZP+D8yB+mN0bRaKSTuAoCABxZrT1WKPSjYCFgN2qDxYUcN8dZX8HN GdtspTEvj8lYNKkCcTlHld3vNAlzz6C3vs1+iNnhGKrhAag+fZ2+7qzAloqwfcv4 T3SKOVi6dbue4+NVwmnoJcbrg+gZ5u/hqyOicv81W2+5HHX7MwK7AKVCwWiLDGsY X8iYotsgQxr0pQmJfSFGzcIXqCnmm821Mf7HGFTVixoGnhVLtGWhxGFBHWTnNjKz Oiygr9FEUck7HTjuCTWSpc1+O+gCiPmCVBBS3xEN58D/YxF9esJz9zS7XrtHOKHB 5ppeLhOt4u6Zy+JTkfYz8nQT+FtLbUWFQt/Ho2ONRfa3TCsI4lOpRNPXkKPMwPg/ B9WFVfUORw5dPcSMuueKFSCVV4F6Y1bSDYfZn3zT+ebRPgQFAJZABnmaXjaIJG27 Zk9tgw6Y4da0Kdt3mTwu30JV2aYIqlVVraG3uVl6iRi8eCYixxdFDG83mC8RjUA0 STQnyzqCTJz25MmsVmWmoO6IVkpj9X5QFOJmQFIemIXgco2zK30rAUiL7hg6RF0s EaPsGp6TNXEqFAFmyyLEddyygCc/5W0/gc4x5wTn3Y/FRgNFZ1Q= =+f0/ -----END PGP SIGNATURE-----