Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7ad5b218 by Moritz Muehlenhoff at 2023-10-23T17:24:04+02:00 more squid references - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -107589,6 +107589,7 @@ CVE-2021-46784 (In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5. NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w NOTE: https://github.com/squid-cache/squid/commit/780c4ea1b4c9d2fb41f6962aa6ed73ae57f74b2b (v4) NOTE: Squid 5: http://www.squid-cache.org/Versions/v5/changesets/SQUID-2021_7.patch + NOTE: https://megamansec.github.io/Squid-Security-Audit/gopher-assert.html CVE-2022-29559 RESERVED CVE-2022-29558 (Realtek rtl819x-SDK before v3.6.1 allows command injection over the we ...) @@ -168412,6 +168413,7 @@ CVE-2021-33620 (Squid before 4.15 and 5.x before 5.0.6 allows remote servers to - squid3 <removed> NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-1e05a85bd28c22c9ca5d3ac9f5e86d6269ec0a8c.patch + NOTE: https://megamansec.github.io/Squid-Security-Audit/range-fatal.html CVE-2021-33614 RESERVED CVE-2021-33613 @@ -173465,6 +173467,7 @@ CVE-2021-31808 (An issue was discovered in Squid before 4.15 and 5.x before 5.0. NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1185916 NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch + NOTE: https://megamansec.github.io/Squid-Security-Audit/range-assert-int.html CVE-2021-31807 (An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An ...) {DSA-4924-1 DLA-2685-1} - squid 4.13-10 (bug #989043) @@ -173472,6 +173475,7 @@ CVE-2021-31807 (An issue was discovered in Squid before 4.15 and 5.x before 5.0. NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1185916 NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch + NOTE: https://megamansec.github.io/Squid-Security-Audit/range-uaf.html CVE-2021-31806 (An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due ...) {DSA-4924-1 DLA-2685-1} - squid 4.13-10 (bug #989043) @@ -173479,6 +173483,7 @@ CVE-2021-31806 (An issue was discovered in Squid before 4.15 and 5.x before 5.0. NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1185916 NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch + NOTE: https://megamansec.github.io/Squid-Security-Audit/range-assert.html CVE-2021-31805 (The fix issued for CVE-2020-17530 was incomplete. So from Apache Strut ...) - libstruts1.2-java <not-affected> (Vulnerable code not present; fix for CVE-2020-17530 not applied; specific to 2.x) NOTE: https://cwiki.apache.org/confluence/display/WW/S2-062 @@ -181758,6 +181763,7 @@ CVE-2021-28662 (An issue was discovered in Squid 4.x before 4.15 and 5.x before - squid 4.13-10 (bug #988891) NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-jjq6-mh2h-g39h NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-b1c37c9e7b30d0efb5e5ccf8200f2a646b9c36f8.patch + NOTE: https://megamansec.github.io/Squid-Security-Audit/vary-other-assert.html CVE-2021-28661 (Default SilverStripe GraphQL Server (aka silverstripe/graphql) 3.x thr ...) NOT-FOR-US: ilverStripe GraphQL Server CVE-2021-3449 (An OpenSSL TLS server may crash if sent a maliciously crafted renegoti ...) @@ -181809,12 +181815,14 @@ CVE-2021-28652 (An issue was discovered in Squid before 4.15 and 5.x before 5.0. - squid3 <removed> NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447 NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-0003e3518dc95e4b5ab46b5140af79b22253048e.patch + NOTE: https://megamansec.github.io/Squid-Security-Audit/cachemanager-memleak.html CVE-2021-28651 (An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due ...) {DSA-4924-1 DLA-2685-1} - squid 4.13-10 (bug #988893) - squid3 <removed> NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4 NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-a975fd5aedc866629214aaaccb38376855351899.patch + NOTE: https://megamansec.github.io/Squid-Security-Audit/urn-memleak.html CVE-2021-28963 (Shibboleth Service Provider before 3.2.1 allows content injection beca ...) {DSA-4872-1 DLA-2599-1} - shibboleth-sp 3.2.1+dfsg1-1 (bug #985405) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ad5b218c5ecd7c30339f4c7bc417a333fca26e7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ad5b218c5ecd7c30339f4c7bc417a333fca26e7 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits