<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en" style='--code-editor-font: var(--default-mono-font, "GitLab Mono"), JetBrains Mono, Menlo, DejaVu Sans Mono, Liberation Mono, Consolas, Ubuntu Mono, Courier New, andale mono, lucida console, monospace;'>

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style data-premailer="ignore" type="text/css">

a { color: #1068bf; }

</style>

<style>img {

max-width: 100%; height: auto;

}

body {

font-size: 0.875rem;

}

body {

-webkit-text-shadow: rgba(255,255,255,0.01) 0 0 1px;

}

body {

font-family: var(--default-regular-font, "GitLab Sans"),-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Noto Sans",Ubuntu,Cantarell,"Helvetica Neue",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji"; font-size: inherit;

}

</style>

</head>

<body style='font-size: inherit; -webkit-text-shadow: rgba(255,255,255,0.01) 0 0 1px; font-family: var(--default-regular-font, "GitLab Sans"),-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Noto Sans",Ubuntu,Cantarell,"Helvetica Neue",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";'>

<div class="content">

<h3 style="margin-top: 20px; margin-bottom: 10px;">

Markus Koschany pushed to branch master at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4 style="margin-top: 10px; margin-bottom: 10px;">

Commits:

</h4>

<ul>

<li>

<strong style="font-weight: bold;"><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a58e79560d27ff54a8735e8b4b6349310dc14c1">8a58e795</a></strong>

<div>

<span> by Markus Koschany </span> <i> at 2024-01-08T21:51:11+01:00 </i>

</div>

<pre class="commit-message" style='white-space: pre-wrap; display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: #fbfafd; border-radius: 2px; margin: 0; padding: 8px 12px; border: 1px solid #dcdcde;'>CVE-2023-46728,squid: Mark Buster as ignored

Gopher support has been removed upstream. Since Gopher is ancient and rarely

used, we recommend to reject all gopher URL requests.

</pre>

</li>

<li>

<strong style="font-weight: bold;"><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c498ef6e2dabe03ce9e117d85ea20812f18b140">9c498ef6</a></strong>

<div>

<span> by Markus Koschany </span> <i> at 2024-01-08T23:24:45+01:00 </i>

</div>

<pre class="commit-message" style='white-space: pre-wrap; display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: #fbfafd; border-radius: 2px; margin: 0; padding: 8px 12px; border: 1px solid #dcdcde;'>Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker

</pre>

</li>

<li>

<strong style="font-weight: bold;"><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dada7df366d9b70323fc63d2605600605281d11">0dada7df</a></strong>

<div>

<span> by Markus Koschany </span> <i> at 2024-01-08T23:25:58+01:00 </i>

</div>

<pre class="commit-message" style='white-space: pre-wrap; display: block; font-size: 14px; color: #333238; position: relative; font-family: var(--default-mono-font, "GitLab Mono"),"JetBrains Mono","Menlo","DejaVu Sans Mono","Liberation Mono","Consolas","Ubuntu Mono","Courier New","andale mono","lucida console",monospace; word-break: break-all; word-wrap: break-word; background-color: #fbfafd; border-radius: 2px; margin: 0; padding: 8px 12px; border: 1px solid #dcdcde;'>CVE-2023-46728,squid: Mark Bullseye and Bookworm also as ignored

The same reasoning applies to newer releases. Gopher support has just been

removed, no fix is available and the simple workaround is to reject Gopher URLs

which in 2024 shouldn't be a problem.

</pre>

</li>

</ul>

<h4 style="margin-top: 10px; margin-bottom: 10px;">

1 changed file:

</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4 style="margin-top: 10px; margin-bottom: 10px;">

Changes:

</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2f31272fab38603e91f0ec86d08b77d8ac71b410...0dada7df366d9b70323fc63d2605600605281d11#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong style="font-weight: bold;">data/CVE/list</strong></a>

<hr style="overflow: hidden; border: 1px solid #e1e1e1;">

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #737278;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2f31272fab38603e91f0ec86d08b77d8ac71b410...0dada7df366d9b70323fc63d2605600605281d11">View it on GitLab</a>.

<br>

You're receiving this email because of your account on <a target="_blank" rel="noopener noreferrer" href="https://salsa.debian.org">salsa.debian.org</a>. <a href="https://salsa.debian.org/-/profile/notifications" target="_blank" rel="noopener noreferrer" class="mng-notif-link">Manage all notifications</a> · <a href="https://salsa.debian.org/help" target="_blank" rel="noopener noreferrer" class="help-link">Help</a>

</p>

</div>

</body>

</html>