[Git][security-tracker-team/security-tracker][master] Add references for varnish issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 5 05:18:07 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
267271c9 by Salvatore Bonaccorso at 2024-04-05T06:15:44+02:00
Add references for varnish issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3989,6 +3989,7 @@ CVE-2024-30161 (In Qt before 6.5.6 and 6.6.x before 6.6.3, the wasm component ma
 CVE-2024-30156 (Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 L ...)
 	- varnish <unfixed>
 	NOTE: https://varnish-cache.org/security/VSV00014.html
+	NOTE: https://varnish-cache.org/docs/7.5/whats-new/changes-7.5.html#cve-2024-30156
 	NOTE: https://github.com/varnishcache/varnish-cache/commit/c0201724f0280894ec714fe76fc26ba9831f0551 (varnish-7.5.0)
 	NOTE: https://github.com/varnishcache/varnish-cache/commit/727a5f80347545b6fc7a6aa48f9fb74e90528f0c (varnish-7.5.0)
 	NOTE: https://github.com/varnishcache/varnish-cache/commit/42a10e90015bd8a9cb1c7c2e0e313f8b5ae9ebe9 (varnish-7.5.0)
@@ -37761,6 +37762,7 @@ CVE-2023-44487 (The HTTP/2 protocol allows a denial of service (server resource
 	NOTE: netty: https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 (netty-4.1.100.Final)
 	NOTE: varnish: https://varnish-cache.org/security/VSV00013.html
 	NOTE: varnish: https://github.com/varnishcache/varnish-cache/issues/3996
+	NOTE: https://varnish-cache.org/docs/7.5/whats-new/changes-7.5.html#cve-2023-44487
 	NOTE: Unaffected implementations not requiring code changes:
 	NOTE: - rust-hyper: https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
 	NOTE: - apache2: https://chaos.social/@icing/111210915918780532



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/267271c9751dccf207e7a8b6a220850d21dab97c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/267271c9751dccf207e7a8b6a220850d21dab97c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240405/5f051211/attachment.htm>

More information about the debian-security-tracker-commits mailing list