[Git][security-tracker-team/security-tracker][master] CVE-2023-49286/squid assigned

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 5 08:36:09 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb7148dd by Salvatore Bonaccorso at 2023-12-05T09:35:22+01:00
CVE-2023-49286/squid assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50,8 +50,6 @@ CVE-2023-49289 (Ajax.NET Professional (AjaxPro) is an AJAX framework for Microso
 	TODO: check
 CVE-2023-49288 (Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and  ...)
 	TODO: check
-CVE-2023-49286 (Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and  ...)
-	TODO: check
 CVE-2023-49284 (fish is a smart and user-friendly command line shell for macOS, Linux, ...)
 	TODO: check
 CVE-2023-49280 (XWiki Change Request is an XWiki application allowing to request chang ...)
@@ -291740,10 +291738,12 @@ CVE-2019-18862 (maidag in GNU Mailutils before 3.8 is installed setuid and allow
 	NOTE: /usr/sbin/maidat not installed suid root on Debian
 CVE-2019-18861
 	RESERVED
-CVE-2023-XXXX [SQUID-2023:8 Denial of Service in Helper Process management]
+CVE-2023-49286 [SQUID-2023:8 Denial of Service in Helper Process management]
 	- squid 6.5-1 (low)
 	- squid3 <removed>
-	TODO: fill in upstream references, cf. https://tracker.debian.org/news/1477295/accepted-squid-65-1-source-into-unstable/
+	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-xggx-9329-3c27
+	NOTE: https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264 (SQUID_6_5)
+	NOTE: http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch
 CVE-2023-49285 [SQUID-2023:7 Denial of Service in HTTP Message processing]
 	- squid 6.5-1 (low)
 	- squid3 <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb7148ddc53efdffd4ed24588de45f7cccc9d0dc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb7148ddc53efdffd4ed24588de45f7cccc9d0dc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231205/3383d507/attachment.htm>

More information about the debian-security-tracker-commits mailing list