[Secure-testing-commits] r35341 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jul 6 11:51:23 UTC 2015
Author: carnil
Date: 2015-07-06 11:51:23 +0000 (Mon, 06 Jul 2015)
New Revision: 35341
Modified:
data/CVE/list
Log:
Add temporary items for two squid issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-06 10:03:52 UTC (rev 35340)
+++ data/CVE/list 2015-07-06 11:51:23 UTC (rev 35341)
@@ -1,3 +1,15 @@
+CVE-2015-XXXX [TLS: Disable client-initiated renegotiation]
+ - squid <removed>
+ - squid3 <unfixed>
+ NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13849.patch
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/06/8
+ TODO: check
+CVE-2015-XXXX [Do not blindly forward cache peer CONNECT responses]
+ - squid <removed>
+ - squid3 <unfixed>
+ NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13856.patch
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/06/8
+ TODO: check
CVE-2015-XXXX [nodejs OOB write in utf8]
- nodejs <not-affected> (Only affects 0.12.x)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/05/1
More information about the Secure-testing-commits
mailing list