[Secure-testing-commits] r39062 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jan 21 19:37:49 UTC 2016
Author: carnil
Date: 2016-01-21 19:37:49 +0000 (Thu, 21 Jan 2016)
New Revision: 39062
Modified:
data/CVE/list
Log:
Add two privoxy issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-21 18:51:03 UTC (rev 39061)
+++ data/CVE/list 2016-01-21 19:37:49 UTC (rev 39062)
@@ -1,3 +1,15 @@
+CVE-2016-XXXX [Remove empty Host headers in client requests; resulting in invalid reads]
+ - privoxy <unfixed>
+ NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.302&r2=1.303
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/21/4
+ NOTE: Fixed in 3.0.24
+ TODO: check versions
+CVE-2016-XXXX [Prevent invalid reads in case of corrupt chunk-encoded content]
+ - privoxy <unfixed>
+ NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/filters.c?r1=1.196&r2=1.197
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/21/4
+ NOTE: Fixed in 3.0.24
+ TODO: check versions
CVE-2016-1926
RESERVED
CVE-2016-1921
More information about the Secure-testing-commits
mailing list