[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-49606/tinyproxy as postponed for buster
Utkarsh Gupta (@utkarsh)
utkarsh at debian.org
Mon May 20 02:12:18 BST 2024
Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d1f33e10 by Utkarsh Gupta at 2024-05-20T06:41:57+05:30
Mark CVE-2023-49606/tinyproxy as postponed for buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7518,6 +7518,7 @@ CVE-2023-7241 (Privilege Escalationin WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.
NOT-FOR-US: Webroot Antivirus
CVE-2023-49606 (A use-after-free vulnerability exists in the HTTP Connection Headers p ...)
- tinyproxy 1.11.1-4 (bug #1070395)
+ [buster] - tinyproxy <postponed> (Not exploitable easily for RCE; but fix with next update)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889
NOTE: https://github.com/tinyproxy/tinyproxy/issues/533
NOTE: https://github.com/tinyproxy/tinyproxy/commit/12a8484265f7b00591293da492bb3c9987001956
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1f33e10b8bc8824a71fa6b23ebd6e18c0c1a742
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1f33e10b8bc8824a71fa6b23ebd6e18c0c1a742
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240520/571400fc/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list