[Secure-testing-commits] r22921 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Jul 12 06:43:29 UTC 2013
Author: jmm
Date: 2013-07-12 06:43:29 +0000 (Fri, 12 Jul 2013)
New Revision: 22921
Modified:
data/CVE/list
Log:
filed bug for squid, oldstable/stable not affected
nagstamon no-dsa, the update checks are disabled with a Debian-specific patch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-12 06:24:32 UTC (rev 22920)
+++ data/CVE/list 2013-07-12 06:43:29 UTC (rev 22921)
@@ -1405,13 +1405,15 @@
NOTE: https://github.com/isaacs/npm/issues/3635
CVE-2013-4115 [SQUID-2013:2: buffer overflow in HTTP request handling]
RESERVED
- - squid <unfixed>
- - squid3 <unfixed>
+ - squid <not-affected> (Only affects 3.2 onwards)
+ - squid3 <unfixed> (bug #716743)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2013_2.txt
- TODO: check
CVE-2013-4114 [nagstamon: credentials exposure]
RESERVED
- - nagstamon <unfixed> (medium; bug #716718)
+ - nagstamon <unfixed> (low; bug #716718)
+ [wheezy] - nagstamon <no-dsa> (Minor issue)
+ [squeeze] - nagstamon <no-dsa> (Minor issue)
+ NOTE: update checks are disabled in Debian by default, see debian/patches/check-for-new-version.patch
CVE-2013-4113 [php5: heap corruption in the XML parser]
RESERVED
- php5 <unfixed>
More information about the Secure-testing-commits
mailing list