[Secure-testing-commits] r29439 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Oct 17 06:13:00 UTC 2014 

Author: carnil
Date: 2014-10-17 06:13:00 +0000 (Fri, 17 Oct 2014)
New Revision: 29439

Modified:
   data/CVE/list
Log:
Add fixed version for squid3 in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-17 04:56:17 UTC (rev 29438)
+++ data/CVE/list	2014-10-17 06:13:00 UTC (rev 29439)
@@ -4456,7 +4456,7 @@
 CVE-2014-6270 (Off-by-one error in the snmpHandleUdp function in snmp_core.cc in ...)
 	- squid <unfixed> (unimportant)
 	NOTE: SNMP not built in squid 2
-	- squid3 <unfixed> (low; bug #761002)
+	- squid3 3.4.8-1 (low; bug #761002)
 	[wheezy] - squid3 <no-dsa> (Minor issue)
 	[squeeze] - squid3 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=895773
@@ -4468,7 +4468,7 @@
 	- squid <unfixed>
 	[squeeze] - squid <no-dsa> (Minor issue)
 	[wheezy] - squid <no-dsa> (Minor issue)
-	- squid3 <unfixed> (bug #760999)
+	- squid3 3.4.8-1 (bug #760999)
 	[squeeze] - squid3 <no-dsa> (Minor issue)
 	[wheezy] - squid3 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=891268
@@ -4478,7 +4478,7 @@
 	- squid <unfixed>
 	[squeeze] - squid <no-dsa> (Minor issue)
 	[wheezy] - squid <no-dsa> (Minor issue)
-	- squid3 <unfixed> (bug #760999)
+	- squid3 3.4.8-1 (bug #760999)
 	[squeeze] - squid3 <no-dsa> (Minor issue)
 	[wheezy] - squid3 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=891268
@@ -20939,7 +20939,7 @@
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44140
 CVE-2014-0128 (Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is ...)
 	- squid <not-affected> (All Squid-3.0 and older versions not vulnerable)
-	- squid3 <unfixed> (unimportant; bug #741312)
+	- squid3 3.4.8-1 (unimportant; bug #741312)
 	NOTE: http://www.squid-cache.org/Advisories/SQUID-2014_1.txt
 	NOTE: only affects package rebuilds with --enable-ssl by users
 CVE-2014-0127 (The time-validation implementation in (1) mod/feedback/complete.php ...)

More information about the Secure-testing-commits mailing list