Author: carnil Date: 2016-12-18 09:02:20 +0000 (Sun, 18 Dec 2016) New Revision: 47192
Modified: data/CVE/list Log: Two CVEs assigned for squid3 Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-12-18 08:59:37 UTC (rev 47191) +++ data/CVE/list 2016-12-18 09:02:20 UTC (rev 47192) @@ -4,7 +4,7 @@ NOTE: http://zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php NOTE: Fixed by: https://github.com/commontk/DCMTK/commit/1b6bb76 NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/2 -CVE-2016-XXXX [Issue #2, cookie headers and other client-specific private infformation leak] +CVE-2016-10003 [Issue #2, cookie headers and other client-specific private infformation leak] - squid3 <unfixed> (bug #848491) [jessie] - squid3 <not-affected> (Does not affect Squid versions before 3.5.0.1) [wheezy] - squid3 <not-affected> (Does not affect Squid versions before 3.5.0.1) @@ -17,8 +17,8 @@ NOTE: Vulnerable Squid Versions: NOTE: 3.5.0.1 up to and including 3.5.22 NOTE: 4.0.1 up to and including 4.0.16 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/12/17/1 -CVE-2016-XXXX [Issue #1, cookie headers and other client-specific private infformation leak] + NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/1 +CVE-2016-10002 [Issue #1, cookie headers and other client-specific private infformation leak] - squid3 <unfixed> (bug #848493) NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_11.txt NOTE: http://bugs.squid-cache.org/show_bug.cgi?id=4169 @@ -32,7 +32,7 @@ NOTE: 3.1.10 up to and including 3.1.23 NOTE: 3.2.0.3 up to and including 3.5.22 NOTE: 4.0.1 up to and including 4.0.16 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/12/17/1 + NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/1 CVE-2016-582384 REJECTED CVE-2016-9964 [redirect() doesn't filter "\r\n" which allows for CRLF attack] _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits