Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 821293c3 by Salvatore Bonaccorso at 2021-06-25T09:37:06+02:00 Add newly reported trafficserver CVEs Need further investigation for the affected versions. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -46,8 +46,9 @@ CVE-2021-3615 RESERVED CVE-2021-3614 RESERVED -CVE-2021-35474 +CVE-2021-35474 [Dynamic stack buffer overflow in cachekey plugin] RESERVED + - trafficserver <unfixed> (bug #990303) CVE-2021-35473 RESERVED CVE-2021-35472 @@ -6564,12 +6565,15 @@ CVE-2021-32569 RESERVED CVE-2021-32568 RESERVED -CVE-2021-32567 +CVE-2021-32567 [Reading HTTP/2 frames too many times] RESERVED -CVE-2021-32566 + - trafficserver <unfixed> (bug #990303) +CVE-2021-32566 [Specific sequence of HTTP/2 frames can cause ATS to crash] RESERVED -CVE-2021-32565 + - trafficserver <unfixed> (bug #990303) +CVE-2021-32565 [HTTP Request Smuggling, content length with invalid charters] RESERVED + - trafficserver <unfixed> (bug #990303) CVE-2021-32564 RESERVED CVE-2021-32562 @@ -18765,8 +18769,9 @@ CVE-2021-27579 (Snow Inventory Agent through 6.7.0 on Windows uses CPUID to repo NOT-FOR-US: Snow Inventory Agent CVE-2021-27578 RESERVED -CVE-2021-27577 +CVE-2021-27577 [Incorrect handling of url fragment leads to cache poisoning] RESERVED + - trafficserver <unfixed> (bug #990303) CVE-2021-27576 (If was found that the NetTest web service can be used to overload the ...) NOT-FOR-US: Apache OpenMeetings CVE-2021-27575 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/821293c37aa6e031f8d8d38dbe681eb4062e9868 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/821293c37aa6e031f8d8d38dbe681eb4062e9868 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits