[Secure-testing-commits] r40966 - in data: . CVE
Sebastien Delafond
seb at moszumanska.debian.org
Mon Apr 18 07:57:26 UTC 2016
Author: seb
Date: 2016-04-18 07:57:26 +0000 (Mon, 18 Apr 2016)
New Revision: 40966
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
Take varnish (http://www.openwall.com/lists/oss-security/2016/04/16/1)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-17 21:10:12 UTC (rev 40965)
+++ data/CVE/list 2016-04-18 07:57:26 UTC (rev 40966)
@@ -3656,6 +3656,12 @@
RESERVED
CVE-2016-2574
RESERVED
+CVE-2016-XXXX [HTTP Smuggling issues: Double Content Length and bad EOL]
+ - varnish 3.0.7
+ [jessie] - varnish <not-affected> (Vulnerable code introduced later)
+ NOTE: CVE Request http://www.openwall.com/lists/oss-security/2016/04/16/1
+ NOTE: fixed in 3.0.7
+ NOTE: 4.x not affected
CVE-2016-XXXX [read out-of-bounds in TextEndsWithNewline]
- tidy-html5 <itp> (bug #770129)
NOTE: https://github.com/htacg/tidy-html5/issues/379
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2016-04-17 21:10:12 UTC (rev 40965)
+++ data/dsa-needed.txt 2016-04-18 07:57:26 UTC (rev 40966)
@@ -73,3 +73,5 @@
--
tomcat8
--
+varnish/oldstable (seb)
+ http://permalink.gmane.org/gmane.comp.security.oss.general/19316
More information about the Secure-testing-commits
mailing list