Overview

File _patchinfo of Package patchinfo.31382

<patchinfo incident="31382">
  <issue tracker="bnc" id="1216495">VUL-0: CVE-2023-46847: squid: Denial of Service in HTTP Digest Authentication (SQUID-2023:3)</issue>
  <issue tracker="bnc" id="1216500">VUL-0: CVE-2023-46846: squid: Request/Response smuggling in HTTP/1.1 and ICAP (SQUID-2023:1)</issue>
  <issue tracker="bnc" id="1216498">VUL-0: CVE-2023-46848: squid: Denial of Service in FTP (SQUID-2023:5)</issue>
  <issue tracker="bnc" id="1216803">VUL-0: CVE-2023-46724: squid: Denial of Service in SSL Certificate validation</issue>
  <issue tracker="cve" id="2023-46848"/>
  <issue tracker="cve" id="2023-46724"/>
  <issue tracker="cve" id="2023-46846"/>
  <issue tracker="cve" id="2023-46847"/>
  <packager>adamm</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for squid</summary>
  <description>This update for squid fixes the following issues:

- CVE-2023-46846: Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500).
- CVE-2023-46847: Denial of Service in HTTP Digest Authentication (bsc#1216495).
- CVE-2023-46724: Fix validation of certificates with CN=* (bsc#1216803).
- CVE-2023-46848: Denial of Service in FTP (bsc#1216498).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places