[Git][security-tracker-team/security-tracker][master] 2 commits: Add blog reference for CVE-2024-25617/squid

Fri Feb 16 21:03:58 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
35bd00e5 by Salvatore Bonaccorso at 2024-02-16T22:01:49+01:00
Add blog reference for CVE-2024-25617/squid

- - - - -
2b3034a8 by Salvatore Bonaccorso at 2024-02-16T22:01:51+01:00
Add squid3 tracking for CVE-2024-25617

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -271,9 +271,11 @@ CVE-2024-25618 (Mastodon is a free, open-source social network server based on A
 	- mastodon <itp> (bug #859741)
 CVE-2024-25617 (Squid is an open source caching proxy for the Web supporting HTTP, HTT ...)
 	- squid 6.5-1
+	- squid3 <removed>
 	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-h5x6-w8mv-xfpr
 	NOTE: https://github.com/squid-cache/squid/commit/72a3bbd5e431597c3fdb56d752bc56b010ba3817 (SQUID_6_5)
 	NOTE: https://github.com/squid-cache/squid/pull/1536
+	NOTE: https://megamansec.github.io/Squid-Security-Audit/response-memleaks.html
 CVE-2024-25559 (URL spoofing vulnerability exists in a-blog cms Ver.3.1.0 to Ver.3.1.8 ...)
 	NOT-FOR-US: a-blog cms
 CVE-2024-24386 (An issue in VitalPBX v.3.2.4-5 allows an attacker to execute arbitrary ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2809a96321a608bdd275cc2518e67e5fc3072dce...2b3034a8f10ca87887da5b456c1aedb2a617374a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2809a96321a608bdd275cc2518e67e5fc3072dce...2b3034a8f10ca87887da5b456c1aedb2a617374a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240216/8cf70128/attachment.htm>
