[Git][security-tracker-team/security-tracker][master] CVE-2021-28116: Update reference for ZDI advisory and patches

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
096740a8 by Salvatore Bonaccorso at 2021-10-04T09:08:48+02:00
CVE-2021-28116: Update reference for ZDI advisory and patches

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33293,8 +33293,11 @@ CVE-2021-28116 (Squid through 4.14 and 5.x through 5.0.5, in some configurations
 	[buster] - squid <postponed> (Minor issue, revisit once fixed upstream)
 	- squid3 <removed>
 	[stretch] - squid3 <postponed> (Check later when information is public)
-	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-21-157/
+	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-CAN-11610/
 	NOTE: https://bugs.squid-cache.org/show_bug.cgi?id=5131
+	NOTE: https://www.openwall.com/lists/oss-security/2021/10/04/1
+	NOTE: Squid4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_12.patch
+	NOTE: Squid5: http://www.squid-cache.org/Versions/v5/changesets/squid-5-7a73a54cefff6bb83c03de219a73276e42d183d0.patch
 CVE-2021-28115 (The OUGC Feedback plugin before 1.8.23 for MyBB allows XSS via the com ...)
 	NOT-FOR-US: MyBB addon
 CVE-2021-28114 (Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace co ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/096740a89fbac911dd68a0009c28ff23bc578124

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/096740a89fbac911dd68a0009c28ff23bc578124
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211004/cc30061a/attachment.htm>