[Git][security-tracker-team/security-tracker][master] Unless there is modified error pages which contain special

Abhijith PA (@abhijith) abhijith at debian.org
Thu Oct 13 09:21:45 BST 2022



Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bec77709 by Abhijith PA at 2022-10-13T13:50:26+05:30
Unless there is modified error pages which contain special
non-standard variables. This is not an issue. tinyproxy mostly
run locally or in trusted small network than a full-fledged
proxy server.

 Mark CVE-2022-40468 as postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5840,6 +5840,7 @@ CVE-2022-40469 (iKuai8 v3.6.7 was discovered to contain an authenticated remote
 CVE-2022-40468 (Potential leak of left-over heap data if custom error page templates c ...)
 	- tinyproxy 1.11.1-2 (bug #1021015)
 	[bullseye] - tinyproxy <no-dsa> (Minor issue)
+	[buster] - tinyproxy <postponed> (Minor issue)
 	NOTE: https://github.com/tinyproxy/tinyproxy/issues/457
 	NOTE: https://github.com/tinyproxy/tinyproxy/commit/3764b8551463b900b5b4e3ec0cd9bb9182191cb7
 CVE-2022-40467



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bec77709da1513d103eee3c20fd0e87d35d8e92e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bec77709da1513d103eee3c20fd0e87d35d8e92e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221013/75441db4/attachment.htm>


More information about the debian-security-tracker-commits mailing list