Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack vectors related to "SNMP IP addresses."

I've just filed a sync for feisty, see bug #83507.

Ok, fixed in feisty:

Accepted:
 OK: zabbix_1.1.4-8.diff.gz
 OK: zabbix_1.1.4-8.dsc
     -> Component: universe Section: net

Origin: Debian/unstable
Format: 1.7
Date: Wed, 07 Feb 2007 12:05:12 +0000
Source: zabbix
Binary: zabbix-frontend-php, zabbix-server-mysql, zabbix-server-pgsql, zabbix-agent
Architecture: source
Version: 1:1.1.4-8
Distribution: feisty
Urgency: high
Maintainer: Zabbix Maintainers <email address hidden>
Changed-By: StefanPotyra <email address hidden>
Closes: 398405 406750 407226 408489 409257
Changes:
 zabbix (1:1.1.4-8) unstable; urgency=high
 .
   * debian/patches/CVE-2007-0640.dpatch: fix buffer overflow related
     to SNMP IP Address Handling as described in CVE-2007-0640.
     Closes: #409257
 .
 zabbix (1:1.1.4-7) unstable; urgency=high
 .
   * Manage configuration files for zabbix-agent and zabbix-frontend-php
     with ucf in order to prevent user specified data to be overwritten on
     package Upgrade. (Closes: #408489)
   * Add ucf to dependencies.
 .
 zabbix (1:1.1.4-6) unstable; urgency=medium
 .
   * Restarting zabbix agent and server after logrotation is not
     neccessary, should also resolve problems with agents stopping
     during said task (Closes: #398405)
   * Disable internal logrotation again.
 .
 zabbix (1:1.1.4-5) unstable; urgency=medium
 .
   * debian/po/pt.po: added, thanks to Miguel Figueiredo. (Closes: #407226)
   * debian/zabbix-frontend-php.postrm: fail gracefully if debconf is not
     available anymore at purge time.
   * debian/zabbix-server-mysql.postrm: fail gracefully if ucf is not
     available anymore at purge time.
   * debian/zabbix-server-pgsql.postrm: fail gracefully if ucf is not
     available anymore at purge time.
 .
 zabbix (1:1.1.4-4) unstable; urgency=low
 .
   [ Fabio Tranchitella ]
   * debian/control: zabbix-frontend-php should depend on both php[54]-mysql
     and php[54]-pgsql, as well as php[54]-cgi. (Closes: #406750).
 .
 zabbix (1:1.1.4-3) unstable; urgency=low
 .
   * Do not install useless manpage templates.
   * Set the default zabbix server in agent configuration
     to "localhost".
Files:
 2148e190b1b0d8f7fefef02051832986 18393 net optional zabbix_1.1.4-8.diff.gz
 823c343688a25460ce50ad152d820761 838 net optional zabbix_1.1.4-8.dsc

@Martin: I can't find the zabbix source package in dapper... did I miss s.th. there?

Actually, this only affects Edgy and Feisty. There's no ZABBIX in Dapper.

Thanks -- sorry this got lost until now. It has been uploaded to the security queue and should be published shortly.