File _patchinfo of Package patchinfo.31382
<patchinfo incident="31382">
<issue tracker="bnc" id="1216495">VUL-0: CVE-2023-46847: squid: Denial of Service in HTTP Digest Authentication (SQUID-2023:3)</issue>
<issue tracker="bnc" id="1216500">VUL-0: CVE-2023-46846: squid: Request/Response smuggling in HTTP/1.1 and ICAP (SQUID-2023:1)</issue>
<issue tracker="bnc" id="1216498">VUL-0: CVE-2023-46848: squid: Denial of Service in FTP (SQUID-2023:5)</issue>
<issue tracker="bnc" id="1216803">VUL-0: CVE-2023-46724: squid: Denial of Service in SSL Certificate validation</issue>
<issue tracker="cve" id="2023-46848"/>
<issue tracker="cve" id="2023-46724"/>
<issue tracker="cve" id="2023-46846"/>
<issue tracker="cve" id="2023-46847"/>
<packager>adamm</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for squid</summary>
<description>This update for squid fixes the following issues:
- CVE-2023-46846: Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500).
- CVE-2023-46847: Denial of Service in HTTP Digest Authentication (bsc#1216495).
- CVE-2023-46724: Fix validation of certificates with CN=* (bsc#1216803).
- CVE-2023-46848: Denial of Service in FTP (bsc#1216498).
</description>
</patchinfo>