Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7ad5b218 by Moritz Muehlenhoff at 2023-10-23T17:24:04+02:00
more squid references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -107589,6 +107589,7 @@ CVE-2021-46784 (In Squid 3.x through 3.5.28, 4.x 
through 4.17, and 5.x before 5.
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w
        NOTE: 
https://github.com/squid-cache/squid/commit/780c4ea1b4c9d2fb41f6962aa6ed73ae57f74b2b
 (v4)
        NOTE: Squid 5: 
http://www.squid-cache.org/Versions/v5/changesets/SQUID-2021_7.patch
+       NOTE: 
https://megamansec.github.io/Squid-Security-Audit/gopher-assert.html
 CVE-2022-29559
        RESERVED
 CVE-2022-29558 (Realtek rtl819x-SDK before v3.6.1 allows command injection 
over the we ...)
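
Review bot: The NOTE added at the end of the CVE-2021-46784 entry is a bare URL, while the two fix references above it are labelled ("(v4)" and "Squid 5:"). A short prefix marking the gopher-assert.html link as the audit write-up rather than a patch would let readers tell the fix references from the report without opening each link.
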
@@ -168412,6 +168413,7 @@ CVE-2021-33620 (Squid before 4.15 and 5.x before 
5.0.6 allows remote servers to
        - squid3 <removed>
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-1e05a85bd28c22c9ca5d3ac9f5e86d6269ec0a8c.patch
+       NOTE: https://megamansec.github.io/Squid-Security-Audit/range-fatal.html
 CVE-2021-33614
        RESERVED
 CVE-2021-33613
@@ -173465,6 +173467,7 @@ CVE-2021-31808 (An issue was discovered in Squid 
before 4.15 and 5.x before 5.0.
        NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1185916
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch
+       NOTE: 
https://megamansec.github.io/Squid-Security-Audit/range-assert-int.html
 CVE-2021-31807 (An issue was discovered in Squid before 4.15 and 5.x before 
5.0.6. An  ...)
        {DSA-4924-1 DLA-2685-1}
        - squid 4.13-10 (bug #989043)
@@ -173472,6 +173475,7 @@ CVE-2021-31807 (An issue was discovered in Squid 
before 4.15 and 5.x before 5.0.
        NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1185916
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch
+       NOTE: https://megamansec.github.io/Squid-Security-Audit/range-uaf.html
 CVE-2021-31806 (An issue was discovered in Squid before 4.15 and 5.x before 
5.0.6. Due ...)
        {DSA-4924-1 DLA-2685-1}
        - squid 4.13-10 (bug #989043)
@@ -173479,6 +173483,7 @@ CVE-2021-31806 (An issue was discovered in Squid 
before 4.15 and 5.x before 5.0.
        NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1185916
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch
+       NOTE: 
https://megamansec.github.io/Squid-Security-Audit/range-assert.html
 CVE-2021-31805 (The fix issued for CVE-2020-17530 was incomplete. So from 
Apache Strut ...)
        - libstruts1.2-java <not-affected> (Vulnerable code not present; fix 
for CVE-2020-17530 not applied; specific to 2.x)
        NOTE: https://cwiki.apache.org/confluence/display/WW/S2-062
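
Review bot: The NOTE lines added to CVE-2021-31808, CVE-2021-31807 and CVE-2021-31806 (range-assert-int.html, range-uaf.html and range-assert.html) go into entries that all cite the same advisory, GHSA-pxwq-f3qr-w2xf, and the same v4 changeset, so nothing in these three hunks shows which audit page belongs to which CVE. Please confirm the mapping against the audit pages, or say in the commit message how each page was matched to its CVE id.
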
@@ -181758,6 +181763,7 @@ CVE-2021-28662 (An issue was discovered in Squid 4.x 
before 4.15 and 5.x before
        - squid 4.13-10 (bug #988891)
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-jjq6-mh2h-g39h
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-b1c37c9e7b30d0efb5e5ccf8200f2a646b9c36f8.patch
+       NOTE: 
https://megamansec.github.io/Squid-Security-Audit/vary-other-assert.html
 CVE-2021-28661 (Default SilverStripe GraphQL Server (aka silverstripe/graphql) 
3.x thr ...)
        NOT-FOR-US: ilverStripe GraphQL Server
 CVE-2021-3449 (An OpenSSL TLS server may crash if sent a maliciously crafted 
renegoti ...)
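
Review bot: The context line under CVE-2021-28661 reads "NOT-FOR-US: ilverStripe GraphQL Server", dropping the leading "S" that the entry's own header spells out as SilverStripe. It is unrelated to the NOTE added for CVE-2021-28662, but worth a follow-up fix so that searches for the product name match this entry.
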
@@ -181809,12 +181815,14 @@ CVE-2021-28652 (An issue was discovered in Squid 
before 4.15 and 5.x before 5.0.
        - squid3 <removed>
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-0003e3518dc95e4b5ab46b5140af79b22253048e.patch
+       NOTE: 
https://megamansec.github.io/Squid-Security-Audit/cachemanager-memleak.html
 CVE-2021-28651 (An issue was discovered in Squid before 4.15 and 5.x before 
5.0.6. Due ...)
        {DSA-4924-1 DLA-2685-1}
        - squid 4.13-10 (bug #988893)
        - squid3 <removed>
        NOTE: 
https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4
        NOTE: 
http://www.squid-cache.org/Versions/v4/changesets/squid-4-a975fd5aedc866629214aaaccb38376855351899.patch
+       NOTE: https://megamansec.github.io/Squid-Security-Audit/urn-memleak.html
 CVE-2021-28963 (Shibboleth Service Provider before 3.2.1 allows content 
injection beca ...)
        {DSA-4872-1 DLA-2599-1}
        - shibboleth-sp 3.2.1+dfsg1-1 (bug #985405)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ad5b218c5ecd7c30339f4c7bc417a333fca26e7
