[Git][security-tracker-team/security-tracker][master] CVE-2023-49285/squid assigned

Tue Dec 5 08:31:22 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
935753fd by Salvatore Bonaccorso at 2023-12-05T09:30:45+01:00
CVE-2023-49285/squid assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -52,8 +52,6 @@ CVE-2023-49288 (Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP
 	TODO: check
 CVE-2023-49286 (Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and  ...)
 	TODO: check
-CVE-2023-49285 (Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and  ...)
-	TODO: check
 CVE-2023-49284 (fish is a smart and user-friendly command line shell for macOS, Linux, ...)
 	TODO: check
 CVE-2023-49280 (XWiki Change Request is an XWiki application allowing to request chang ...)
@@ -291746,10 +291744,14 @@ CVE-2023-XXXX [SQUID-2023:8 Denial of Service in Helper Process management]
 	- squid 6.5-1 (low)
 	- squid3 <removed>
 	TODO: fill in upstream references, cf. https://tracker.debian.org/news/1477295/accepted-squid-65-1-source-into-unstable/
-CVE-2023-XXXX [SQUID-2023:7 Denial of Service in HTTP Message processing]
+CVE-2023-49285 [SQUID-2023:7 Denial of Service in HTTP Message processing]
 	- squid 6.5-1 (low)
 	- squid3 <removed>
-	TODO: fill in upstream references, cf. https://tracker.debian.org/news/1477295/accepted-squid-65-1-source-into-unstable/
+	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-8w9r-p88v-mmx9
+	NOTE: https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b (v5 branch)
+	NOTE: http://www.squid-cache.org/Versions/v5/SQUID-2023_7.patch
+	NOTE: https://github.com/squid-cache/squid/commit/deee944f9a12c9fd399ce52f3e2526bb573a9470 (SQUID_6_5)
+	NOTE: http://www.squid-cache.org/Versions/v6/SQUID-2023_7.patch
 CVE-2019-18860 (Squid before 4.9, when certain web browsers are used, mishandles HTML  ...)
 	{DSA-4732-1 DLA-2278-1}
 	- squid 6.5-1 (low)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/935753fd7e69566ea86e8eb0f59e61b685940b4b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/935753fd7e69566ea86e8eb0f59e61b685940b4b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231205/f0bd59fb/attachment.htm>
