[Secure-testing-commits] r12433 - in data: CVE DSA
Nico Golde
nion at alioth.debian.org
Tue Jul 28 18:55:05 UTC 2009
Author: nion
Date: 2009-07-28 18:55:04 +0000 (Tue, 28 Jul 2009)
New Revision: 12433
Modified:
data/CVE/list
data/DSA/list
Log:
cveified squid3
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-28 17:19:38 UTC (rev 12432)
+++ data/CVE/list 2009-07-28 18:55:04 UTC (rev 12433)
@@ -1,6 +1,7 @@
-CVE-2009-XXXX [squid3 DoS]
+CVE-2009-2622 [squid3 DoS because of missing bounds checks]
- squid3 <unfixed> (medium; bug #538989)
- [etch] - squid2 <not-affected> (Vulnerable code introduce in 3.x)
+CVE-2009-2621 [squid3 DoS because of insufficient input validation from req/resp]
+ - squid3 <unfixed> (medium; bug #538989)
CVE-2009-2595 (Cross-site scripting (XSS) vulnerability in productSearch.html in ...)
NOT-FOR-US: Censura
CVE-2009-2594 (Cross-site scripting (XSS) vulnerability in censura.php in Censura ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2009-07-28 17:19:38 UTC (rev 12432)
+++ data/DSA/list 2009-07-28 18:55:04 UTC (rev 12433)
@@ -1,4 +1,6 @@
[28 Jul 2009] DSA-1843-1 squid3 - denial of service
+ {CVE-2009-2621 CVE-2009-2622}
+ [etch] - squid <not-affected> (Vulnerable code introduced in 3.x)
[lenny] - squid3 3.0.STABLE8-3+lenny1
[28 Jul 2009] DSA-1842-1 openexr - several vulnerabilities
{CVE-2009-1720 CVE-2009-1721 CVE-2009-1722}
More information about the Secure-testing-commits
mailing list