[Git][security-tracker-team/security-tracker][master] Reserve DLA-2394-1 for squid3

[Markus Koschany]

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c9c6d8b4 by Markus Koschany at 2020-10-02T15:55:56+02:00
Reserve DLA-2394-1 for squid3

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[02 Oct 2020] DLA-2394-1 squid3 - security update
+	{CVE-2020-15049 CVE-2020-15810 CVE-2020-15811 CVE-2020-24606}
+	[stretch] - squid3 3.5.23-5+deb9u5
 [01 Oct 2020] DLA-2393-1 snmptt - security update
 	{CVE-2020-24361}
 	[stretch] - snmptt 1.4-1+deb8u1


=====================================
data/dla-needed.txt
=====================================
@@ -175,11 +175,6 @@ slirp
   NOTE: CVE-2020-7039 to be applied patched first, as they both patch
   NOTE: the same lines of code in tcp_subr.c (bam).
 --
-squid3
-  NOTE: 20200831: I have backported the HttpHeader parsing code now and
-  NOTE: incorporated the fixes for the latest CVE. I will send a RFT to
-  NOTE: debian-lts again before uploading. (apo)
---
 sympa
   NOTE: 20200525: Incomplete patch. Not the complete patch is made public. (utkarsh)
   NOTE: 20200525: But that is weird, given their announcement. (utkarsh)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9c6d8b488036f66b42b7e74193cbc391bc5d785

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9c6d8b488036f66b42b7e74193cbc391bc5d785
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201002/ef62096b/attachment-0001.html>