[Git][security-tracker-team/security-tracker][master] CVE-2023-46724/squid assigned

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 1 20:34:40 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
837dbd01 by Salvatore Bonaccorso at 2023-11-01T21:31:40+01:00
CVE-2023-46724/squid assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,8 +31,6 @@ CVE-2023-46927 (GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-ove
 	NOTE: https://github.com/gpac/gpac/commit/a7b467b151d9b54badbc4dd71e7a366b7c391817
 CVE-2023-46911 (There is a Cross Site Scripting (XSS) vulnerability in the choose_styl ...)
 	NOT-FOR-US: Jspxcms
-CVE-2023-46724 (Squid is a caching proxy for the Web. Due to an Improper Validation of ...)
-	TODO: check
 CVE-2023-46482 (SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attack ...)
 	NOT-FOR-US: wuzhicms
 CVE-2023-42750 (In gnss service, there is a possible out of bounds write due to a miss ...)
@@ -1823,7 +1821,7 @@ CVE-2023-XXXX [SQUID-2021:8 Denial of Service in Gopher gateway]
 	NOTE: https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3 (SQUID_6_0_1)
 	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-cg5h-v6vc-w33f
 	NOTE: https://megamansec.github.io/Squid-Security-Audit/gopher-nullpointer.html
-CVE-2023-XXXX [Squid: Buffer UnderRead in SSL CN Parsing]
+CVE-2023-46724  [Squid: Buffer UnderRead in SSL CN Parsing]
 	- squid <unfixed>
 	[buster] - squid <not-affected> (Doesn't build with OpenSSL yet)
 	NOTE: https://github.com/squid-cache/squid/commit/792ef23e6e1c05780fe17f733859eef6eb8c8be3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/837dbd013cfedc915bfb5ae7c0390ec927d3f35f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/837dbd013cfedc915bfb5ae7c0390ec927d3f35f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231101/b764c92d/attachment.htm>

More information about the debian-security-tracker-commits mailing list