{"id":"CLSA-2025-1761844638","summary":"Fix CVE(s): CVE-2023-49288, CVE-2023-5824","details":"   * SECURITY UPDATE: excessive cached HTTP response header size causing worker\n     process stall or crash\n     - debian/patches/CVE-2023-5824.patch: Refactor serialized HTTP response header\n       handling to prevent cache flow\n     - CVE-2023-5824\n   * SECURITY UPDATE: Use-After-Free in the HTTP Collapsed Forwarding Feature\n     - debian/patches/CVE-2023-5824.patch: Removed Use-After-Free during refactor\n       serialized HTTP response header\n     - CVE-2023-49288","modified":"2026-06-04T09:45:07.174247493Z","published":"2025-10-30T18:04:01Z","upstream":["CVE-2023-49288","CVE-2023-5824"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/debian10els/CLSA-2025-1761844638.html"}],"affected":[{"package":{"name":"squid","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/squid?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6-1+deb10u10+tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761844638.json"}},{"package":{"name":"squid-cgi","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/squid-cgi?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6-1+deb10u10+tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761844638.json"}},{"package":{"name":"squid-common","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/squid-common?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6-1+deb10u10+tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761844638.json"}},{"package":{"name":"squid-purge","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/squid-purge?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6-1+deb10u10+tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761844638.json"}},{"package":{"name":"squid3","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/squid3?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6-1+deb10u10+tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761844638.json"}},{"package":{"name":"squidclient","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/squidclient?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6-1+deb10u10+tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761844638.json"}}],"schema_version":"1.7.5"}