[Git][security-tracker-team/security-tracker][master] Reserve DLA-2685-1 for squid3

Sun, 13 Jun 2021 20:07:43 -0700 


Abhijith PA pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0e418d73 by Abhijith PA at 2021-06-14T08:37:17+05:30
Reserve DLA-2685-1 for squid3

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[14 Jun 2021] DLA-2685-1 squid3 - security update
+       {CVE-2021-28651 CVE-2021-28652 CVE-2021-31806 CVE-2021-31807 
CVE-2021-31808 CVE-2021-33620}
+       [stretch] - squid3 3.5.23-5+deb9u7
 [10 Jun 2021] DLA-2684-1 lasso - security update
        {CVE-2021-28091}
        [stretch] - lasso 2.5.0-5+deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -119,14 +119,6 @@ sogo (Anton Gladky)
   NOTE: 20210603: maybe mention in announcement the recommendation to 
invalidate user
   NOTE: 20210603: sessions (see upstream blog). (pochu)
 --
-squid3 (Abhijith PA)
-  NOTE: 20210523:  not sure whether all CVEs realy affect Stretch
-  NOTE: 20210528: Looks like all CVEs affect stretch. (Ola)
-  NOTE: 20210528: For some buildRangeHeader has just moved from one file to 
another. (Ola)
-  NOTE: 20210603: I'm working on a ELTS fix and it's the same version, WIP 
backported patches at:
-  NOTE: 20210603: https://www.beuc.net/tmp/debian-elts/squid3/ (Beuc)
-  NOTE: 20210609: https://deb.freexian.com/extended-lts/pool/main/s/squid3/ 
(Beuc)
---
 xmlbeans
   NOTE: 20210222: Affected code changed significantly from 2.6.0 to 3.0.0 (the
   NOTE: 20210222: upstream release with the fix).  Trying to determine how to



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e418d7310879f71579f06555d356e056068bfff

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e418d7310879f71579f06555d356e056068bfff
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to