Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: 82c50362 by Chris Lamb at 2021-03-16T11:12:10+00:00 data/dla-needed.txt: Triage squid3 for stretch LTS (CVE-2020-25097 & CVE-2021-28116). - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -133,6 +133,10 @@ spotweb NOTE: 20210122: Upstream fix trivially bypassed, reported under CVE-2021-3286 NOTE: 20210127: Upstream says "we can fix this but it may take some time", revisit later (Beuc) -- +squid3 + NOTE: 20210316: Patch is for squid 4.0, but vulnerable to in CVE-2020-25097 in src/url.cc. (lamby) + NOTE: 20210316: Also check CVE-2021-28116. (lamby) +-- subversion (Thorsten Alteholz) NOTE: 20210307: solving build problems (on IPv6 only host) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82c503623cdf27337861d7e556c646437a36795a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82c503623cdf27337861d7e556c646437a36795a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits