Add CVE-2021-41611/squid

Not adding the squid3 <removed> entries as the issue only affects the 5.x series, and neither 4.x.
author: Salvatore Bonaccorso <carnil@debian.org> 2021-10-07 23:39:26 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-10-07 23:39:26 +0200
commit: 92ef905c8623b2d0490a2107c741e1bdc8a433c1 (patch)
tree: 3a71a1050910899a0f9b771956b2766d5c6d7f45
parent: a507c9acc18d4baad99622e3aef161aca9a9aba8 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 4348dbd2e2..2871719349 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1084,8 +1084,13 @@ CVE-2021-41613
 	RESERVED
 CVE-2021-41612
 	RESERVED
-CVE-2021-41611
+CVE-2021-41611 [SQUID-2021:6 Improper Certificate Validation of TLS server certificates]
 	RESERVED
+	- squid <unfixed>
+	[bullseye] - squid <not-affected> (Vulnerable code introduced later)
+	[buster] - squid <not-affected> (Vulnerable code introduced later)
+	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-47m4-g3mv-9q5r
+	NOTE: Fixed by: http://www.squid-cache.org/Versions/v5/changesets/squid-5-533b4359f16cf9ed15a6d709a57a4b06e4222cfe.patch
 CVE-2021-3829
 	RESERVED
 CVE-2021-41610
author	Salvatore Bonaccorso <carnil@debian.org>	2021-10-07 23:39:26 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-10-07 23:39:26 +0200
commit	92ef905c8623b2d0490a2107c741e1bdc8a433c1 (patch)
tree	3a71a1050910899a0f9b771956b2766d5c6d7f45
parent	a507c9acc18d4baad99622e3aef161aca9a9aba8 (diff)