[Secure-testing-commits] r38203 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Thu Dec 10 10:38:38 UTC 2015
Author: hertzog
Date: 2015-12-10 10:38:38 +0000 (Thu, 10 Dec 2015)
New Revision: 38203
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Mark CVE-2015-5400/squid as no-dsa for squeeze
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-10 10:25:09 UTC (rev 38202)
+++ data/CVE/list 2015-12-10 10:38:38 UTC (rev 38203)
@@ -9224,6 +9224,7 @@
CVE-2015-5400 (Squid before 3.5.6 does not properly handle CONNECT method peer ...)
{DSA-3327-1 DLA-286-1}
- squid <removed>
+ [squeeze] - squid <no-dsa> (Fix is hard to backport and default configuration is not affected)
- squid3 3.5.6-1 (bug #793128)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13856.patch (3.5)
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13225.patch (3.4)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2015-12-10 10:25:09 UTC (rev 38202)
+++ data/dla-needed.txt 2015-12-10 10:38:38 UTC (rev 38203)
@@ -45,9 +45,6 @@
--
redmine (Antoine Beaupré)
--
-squid
- NOTE: CVE-2015-5400: Fix is hard to backport, and default configuration is not affected
---
sudo (Ben Hutchings)
NOTE: Maintainer want to review the updated package:
https://lists.debian.org/87fv0hmref.fsf@rover.gag.com
More information about the Secure-testing-commits
mailing list