[Git][security-tracker-team/security-tracker][master] ATS commit references

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
088e29cb by Moritz Muehlenhoff at 2021-06-25T11:35:48+02:00
ATS commit references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -70,6 +70,9 @@ CVE-2021-35474 [Dynamic stack buffer overflow in cachekey plugin]
 	RESERVED
 	- trafficserver <unfixed> (bug #990303)
 	NOTE: https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cannounce.trafficserver.apache.org%3E
+	NOTE: https://github.com/apache/trafficserver/pull/7945
+	NOTE: https://github.com/apache/trafficserver/commit/5a9339d7bc65e1c2d8d2a0fc80bb051daf3cdb0b (master)
+	NOTE: https://github.com/apache/trafficserver/commit/b82a3d192f995fb9d78e1c44d51d9acca4783277 (8.1.x)
 CVE-2021-35473
 	RESERVED
 CVE-2021-35472
@@ -6591,14 +6594,23 @@ CVE-2021-32567 [Reading HTTP/2 frames too many times]
 	RESERVED
 	- trafficserver <unfixed> (bug #990303)
 	NOTE: https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cannounce.trafficserver.apache.org%3E
+	NOTE: https://github.com/apache/trafficserver/pull/7945 (8.1.x)
+	NOTE: https://github.com/apache/trafficserver/commit/034965e0fd0def114658f0048d953d1c16a95bed (master)
+	NOTE: https://github.com/apache/trafficserver/commit/b82a3d192f995fb9d78e1c44d51d9acca4783277 (8.1.x)
 CVE-2021-32566 [Specific sequence of HTTP/2 frames can cause ATS to crash]
 	RESERVED
 	- trafficserver <unfixed> (bug #990303)
 	NOTE: https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cannounce.trafficserver.apache.org%3E
+	NOTE: https://github.com/apache/trafficserver/pull/7945 (8.1.x)
+	NOTE: https://github.com/apache/trafficserver/commit/034965e0fd0def114658f0048d953d1c16a95bed (master)
+	NOTE: https://github.com/apache/trafficserver/commit/b82a3d192f995fb9d78e1c44d51d9acca4783277 (8.1.x)
 CVE-2021-32565 [HTTP Request Smuggling, content length with invalid charters]
 	RESERVED
 	- trafficserver <unfixed> (bug #990303)
 	NOTE: https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cannounce.trafficserver.apache.org%3E
+	NOTE: https://github.com/apache/trafficserver/pull/7945 (8.1.x)
+	NOTE: https://github.com/apache/trafficserver/commit/668d0f8668fec1cd350b0ceba3f7f8e4020ae3ca (master)
+	NOTE: https://github.com/apache/trafficserver/commit/b82a3d192f995fb9d78e1c44d51d9acca4783277 (8.1.x)
 CVE-2021-32564
 	RESERVED
 CVE-2021-32562
@@ -18799,6 +18811,9 @@ CVE-2021-27577 [Incorrect handling of url fragment leads to cache poisoning]
 	RESERVED
 	- trafficserver <unfixed> (bug #990303)
 	NOTE: https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cannounce.trafficserver.apache.org%3E
+	NOTE: https://github.com/apache/trafficserver/pull/7945 (8.1.x)
+	NOTE: https://github.com/apache/trafficserver/commit/2b13eb33794574e62249997b4ba654d943a10f2d (master)
+	NOTE: https://github.com/apache/trafficserver/commit/b82a3d192f995fb9d78e1c44d51d9acca4783277 (8.1.x)
 CVE-2021-27576 (If was found that the NetTest web service can be used to overload the  ...)
 	NOT-FOR-US: Apache OpenMeetings
 CVE-2021-27575



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/088e29cb833ff82dc69f1b24c8845f84a71df667

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/088e29cb833ff82dc69f1b24c8845f84a71df667
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210625/a4132e88/attachment.htm>