[Git][security-tracker-team/security-tracker][master] Reserve DLA-4083-1 for squid

Tue, 11 Mar 2025 04:59:23 -0700 


Jochen Sprickerhof pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
48eb1d29 by Jochen Sprickerhof at 2025-03-11T12:58:48+01:00
Reserve DLA-4083-1 for squid

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[11 Mar 2025] DLA-4083-1 squid - security update
+       {CVE-2024-25111 CVE-2024-37894 CVE-2024-45802}
+       [bullseye] - squid 4.13-10+deb11u4
 [10 Mar 2025] DLA-4082-1 ruby2.7 - security update
        {CVE-2025-27219 CVE-2025-27220 CVE-2025-27221}
        [bullseye] - ruby2.7 2.7.4-1+deb11u5


=====================================
data/dla-needed.txt
=====================================
@@ -267,19 +267,6 @@ sogo
   NOTE: 20240922: Added by Front-Desk (apo)
   NOTE: 20240922: See also postponed issues.
 --
-squid (jspricke)
-  NOTE: 20240308: Added by oldstable Security Team (apo)
-  NOTE: 20240308: Readd squid to dsa-needed.txt
-  NOTE: 20240308: There are still unfixed problems in both supported versions. 
Especially
-  NOTE: 20240308: the fix for CVE-2023-5824 is kind of intrusive. (apo)
-  NOTE: 20240815: A bookworm DSA is planned (Beuc/front-desk)
-  NOTE: 20240930: Backported most patches, help will be needed with 
CVE-2024-25111 (roberto)
-  NOTE: 20241028: Sorted out all the patch backports. Still need to test 
(roberto)
-  NOTE: 20250125: Reviewing my previous work, it is clear that there is an 
error in the CVE-2024-25111 patch
-  NOTE: 20250125: I cannot figure out the right way to backport the call to 
the NaturalSum function
-  NOTE: 20250125: This requires someone who knows/understands c++17 semantics.
-  NOTE: 20250125: The other patches were straightforward, but I recommend 
reviewing them all the same (roberto)
---
 suricata (abhijith)
   NOTE: 20250112: Added by Front-Desk (ta)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48eb1d29a2d69da60b927d5260bad4019e7a659e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48eb1d29a2d69da60b927d5260bad4019e7a659e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to