{"id":366600,"date":"2024-02-07T00:31:16","date_gmt":"2024-02-07T00:31:16","guid":{"rendered":"https:\/\/pandorafms.com\/?p=366600"},"modified":"2025-07-03T20:40:32","modified_gmt":"2025-07-03T20:40:32","slug":"772-3-lts","status":"publish","type":"post","link":"https:\/\/pandorafms.com\/es\/notas-de-parches\/772-3-lts\/","title":{"rendered":"772.3 LTS"},"content":{"rendered":"<p>[et_pb_section fb_built=\u00bb1&#8243; _builder_version=\u00bb4.22.0&#8243; _module_preset=\u00bbdefault\u00bb custom_margin=\u00bb0px||||false|false\u00bb custom_padding=\u00bb0px||||false|false\u00bb global_colors_info=\u00bb{}\u00bb][et_pb_row _builder_version=\u00bb4.22.0&#8243; _module_preset=\u00bbdefault\u00bb z_index=\u00bb0&#8243; width=\u00bb100%\u00bb max_width=\u00bb900px\u00bb module_alignment=\u00bbleft\u00bb custom_margin=\u00bb0px||0px||true|false\u00bb custom_padding=\u00bb0px||0px||true|false\u00bb global_colors_info=\u00bb{}\u00bb][et_pb_column type=\u00bb4_4&#8243; _builder_version=\u00bb4.21.0&#8243; _module_preset=\u00bbdefault\u00bb global_colors_info=\u00bb{}\u00bb][et_pb_text module_id=\u00bb1&#8243; _builder_version=\u00bb4.22.0&#8243; _module_preset=\u00bbdefault\u00bb z_index=\u00bb0&#8243; custom_margin=\u00bb0px||0px||true|false\u00bb custom_padding=\u00bb0px||0px||true|false\u00bb custom_css_main_element=\u00bbfont-family:%22Pandora-Light%22;\u00bb locked=\u00bboff\u00bb global_colors_info=\u00bb{}\u00bb]<\/p>\n<h2>Parches LTS<\/h2>\n<p>Publicamos parches exclusivamente para las versiones de Soporte Extendido (LTS), a menos que haya situaciones espec\u00edficas en las que tambi\u00e9n lanzamos parches para las versiones de Lanzamiento Regular (RRR).<\/p>\n<p>Los parches de seguridad se publican lo antes posible, tras detectar y corregir la vulnerabilidad. Los parches para la versi\u00f3n LTS incluyen principalmente correcci\u00f3n de fallos cr\u00edticos y soluciones a problemas de seguridad.<\/p>\n<p>[\/et_pb_text][et_pb_divider color=\u00bb#eaeaea\u00bb divider_position=\u00bbcenter\u00bb divider_weight=\u00bb1px\u00bb admin_label=\u00bb=== SEPARADOR ===\u00bb module_id=\u00bb2&#8243; _builder_version=\u00bb4.22.0&#8243; _module_preset=\u00bbdefault\u00bb z_index=\u00bb0&#8243; module_alignment=\u00bbcenter\u00bb custom_margin=\u00bb0px||0px||true|false\u00bb custom_padding=\u00bb25px||25px||true|false\u00bb border_color_all=\u00bb#eaeaea\u00bb locked=\u00bboff\u00bb global_colors_info=\u00bb{}\u00bb][\/et_pb_divider][et_pb_code admin_label=\u00bbFallos corregidos\u00bb _builder_version=\u00bb4.22.0&#8243; _module_preset=\u00bbdefault\u00bb z_index=\u00bb0&#8243; custom_margin=\u00bb0px||0px||true|false\u00bb custom_padding=\u00bb0px||0px||true|false\u00bb locked=\u00bboff\u00bb global_colors_info=\u00bb{}\u00bb]<\/p>\n<h2>Fallos corregidos<\/h2>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<table class=\"PandoTable6\" style=\"margin-top: 30px;\"><!-- [et_pb_line_break_holder] --><\/p>\n<thead><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<th>Caso#<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<th>GitLab#<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<th>Descripci\u00f3n<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/thead>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tbody><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>N\/A<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12592<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>La integraci\u00f3n de Integria IMS (<strong>Pandora ITSM<\/strong>) a nivel de usuario con Pandora FMS fue corregida en la secci\u00f3n de configuraci\u00f3n respectiva.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>N\/A<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12768<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Corregido: Si un usuario con permisos de lectura (en este caso perfil <strong>Operator read<\/strong>) no pertenece a un grupo <i>no podr\u00e1 ver el inventario de un agente perteneciente a ese grupo.<\/i><\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>N\/A<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12775<\/pee><!-- [et_pb_line_break_holder] --><\/p>\n<ul><!-- [et_pb_line_break_holder] --><\/p>\n<li>Relacionados: 11589 y 12382<\/li>\n<p><!-- [et_pb_line_break_holder] --><\/ul>\n<p><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fue corregida la exportaci\u00f3n de informes en formato XML.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/tbody>\n<p><!-- [et_pb_line_break_holder] --><\/table>\n<p>[\/et_pb_code][et_pb_divider color=\u00bb#eaeaea\u00bb divider_position=\u00bbcenter\u00bb divider_weight=\u00bb1px\u00bb admin_label=\u00bb=== SEPARADOR ===\u00bb module_id=\u00bb2&#8243; _builder_version=\u00bb4.22.0&#8243; _module_preset=\u00bbdefault\u00bb z_index=\u00bb0&#8243; module_alignment=\u00bbcenter\u00bb custom_margin=\u00bb0px||0px||true|false\u00bb custom_padding=\u00bb25px||25px||true|false\u00bb border_color_all=\u00bb#eaeaea\u00bb locked=\u00bboff\u00bb global_colors_info=\u00bb{}\u00bb][\/et_pb_divider][et_pb_code admin_label=\u00bbVulnerabilidades corregidas\u00bb _builder_version=\u00bb4.22.0&#8243; _module_preset=\u00bbdefault\u00bb z_index=\u00bb0&#8243; custom_margin=\u00bb0px||0px||true|false\u00bb custom_padding=\u00bb0px||0px||true|false\u00bb hover_enabled=\u00bb0&#8243; locked=\u00bboff\u00bb global_colors_info=\u00bb{}\u00bb sticky_enabled=\u00bb0&#8243;]<\/p>\n<h2>Vulnerabilidades corregidas<\/h2>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<table class=\"PandoTable6\" style=\"margin-top: 30px;\"><!-- [et_pb_line_break_holder] --><\/p>\n<thead><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<th>Caso#<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<th>GitLab#<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<th>Descripci\u00f3n<\/th>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/thead>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tbody><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-41814\" target=\"_blank\" rel=\"noopener\">CVE-2023-41814<\/a> Agradecimiento a Gabriel Weitzel.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12043<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fue corregida la inserci\u00f3n de c\u00f3digo JavaScript (posible XSS) en los mensajes del sistema de notificaci\u00f3n de Pandora FMS.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-41815\" target=\"_blank\" rel=\"noopener\">CVE-2023-41815<\/a> Agradecimiento a Osama Yousef.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12121<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Fue corregido en el <strong>File manager<\/strong> de la Consola web PFMS la inserci\u00f3n de c\u00f3digo XSS para los nombres de los directorios.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-44088\" target=\"_blank\" rel=\"noopener\">CVE-2023-44088<\/a> Agradecimiento a Osama Yousef.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12122<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Al crea una nueva Consola visual PFMS, en la opci\u00f3n de subir una imagen como fondo, fue corregida la inserci\u00f3n de c\u00f3digo SQL y\/o c\u00f3digo JS para el nombre del fichero de dicha imagen.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-44089\" target=\"_blank\" rel=\"noopener\">CVE-2023-44089<\/a> Agradecimiento a Osama Yousef.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12123<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>En la creaci\u00f3n de una nueva Consola visual (men\u00fa <strong>Topology maps \u2192 Visual console \u2192 visual console list<\/strong>) fue corregida la inserci\u00f3n de c\u00f3digo JavaScript en el nombre de dicha consola visual.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<tr><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-44092\" target=\"_blank\" rel=\"noopener\">CVE-2023-44092<\/a> Agradecimiento a Aleksey Solovev.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>12753<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/p>\n<td><!-- [et_pb_line_break_holder] --><pee>Ha sido corregida y evitada la posibilidad de un <a href=\"https:\/\/owasp.org\/www-community\/attacks\/Command_Injection\" target=\"_blank\" rel=\"noopener\">ataque por inyecci\u00f3n de comando de sistema operativo<\/a> en las respuestas de eventos PFMS.<\/pee><!-- [et_pb_line_break_holder] --><\/td>\n<p><!-- [et_pb_line_break_holder] --><\/tr>\n<p><!-- [et_pb_line_break_holder] --><\/tbody>\n<p><!-- [et_pb_line_break_holder] --><\/table>\n<p>[\/et_pb_code][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Parches LTS Publicamos parches exclusivamente para las versiones de Soporte Extendido (LTS), a menos que haya situaciones espec\u00edficas en las que tambi\u00e9n lanzamos parches para las versiones de Lanzamiento Regular (RRR). Los parches de seguridad se publican lo antes posible, tras detectar y corregir la vulnerabilidad. Los parches para la versi\u00f3n LTS incluyen principalmente correcci\u00f3n [&hellip;]<\/p>\n","protected":false},"author":33,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","_joinchat":[],"footnotes":""},"categories":[3415],"tags":[],"class_list":["post-366600","post","type-post","status-publish","format-standard","hentry","category-notas-de-parches"],"_links":{"self":[{"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/posts\/366600","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/users\/33"}],"replies":[{"embeddable":true,"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/comments?post=366600"}],"version-history":[{"count":5,"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/posts\/366600\/revisions"}],"predecessor-version":[{"id":366610,"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/posts\/366600\/revisions\/366610"}],"wp:attachment":[{"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/media?parent=366600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/categories?post=366600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pandorafms.com\/es\/wp-json\/wp\/v2\/tags?post=366600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}