[Secure-testing-commits] r35383 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 9 05:09:32 UTC 2015
Author: carnil
Date: 2015-07-09 05:09:30 +0000 (Thu, 09 Jul 2015)
New Revision: 35383
Modified:
data/CVE/list
Log:
Update one squid3 item, unimportant since would affect only custom builds with --enable-ssl
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-09 04:31:15 UTC (rev 35382)
+++ data/CVE/list 2015-07-09 05:09:30 UTC (rev 35383)
@@ -232,11 +232,11 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/07/06/10
NOTE: http://trac.roundcube.net/ticket/1490417
CVE-2015-XXXX [TLS: Disable client-initiated renegotiation]
- - squid <removed>
- - squid3 <unfixed>
+ - squid <removed> (unimportant)
+ - squid3 <unfixed> (unimportant)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13849.patch
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/06/8
- TODO: check
+ NOTE: Only affects custom builds with --enable-ssl (disabled for license purposes in Debian)
CVE-2015-XXXX [Do not blindly forward cache peer CONNECT responses]
- squid <removed>
- squid3 <unfixed>
More information about the Secure-testing-commits
mailing list