[Secure-testing-commits] r43490 - in data: CVE DLA
Santiago Ruano Rincón
santiago at moszumanska.debian.org
Tue Jul 26 11:39:46 UTC 2016
Author: santiago
Date: 2016-07-26 11:39:46 +0000 (Tue, 26 Jul 2016)
New Revision: 43490
Modified:
data/CVE/list
data/DLA/list
Log:
CVE-2016-5408/squid3 fixed by DLA-556-1. Fix references
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-26 11:37:31 UTC (rev 43489)
+++ data/CVE/list 2016-07-26 11:39:46 UTC (rev 43490)
@@ -2736,11 +2736,11 @@
CVE-2016-5409
RESERVED
CVE-2016-5408
+ {DLA-556-1}
RESERVED
- squid3 <not-affected> (Incomplete fix for CVE-2016-4051 not applied)
NOTE: CVE is specific for the incomplete fix of CVE-2016-4051 as applied
- NOTE: by some vendors. Possibly wheezy was as well, but covered with
- NOTE: DLA-556-1.
+ NOTE: by some vendors.
CVE-2016-5407
RESERVED
CVE-2016-5406
@@ -7251,7 +7251,7 @@
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13235.patch (Squid 3.4)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14034.patch (Squid 3.5)
CVE-2016-4051 (Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and ...)
- {DSA-3625-1 DLA-556-1 DLA-478-1}
+ {DSA-3625-1 DLA-478-1}
- squid3 3.5.17-1
- squid <removed>
[wheezy] - squid <not-affected> (cachemgr.cgi not installed. squid-cgi binary package built from squid3)
@@ -7260,6 +7260,7 @@
NOTE: http://www.squid-cache.org/Versions/v3/3.3/changesets/SQUID-2016_5.patch (Squid 3.3)
NOTE: http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_5.patch (Squid 3.4)
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_5.patch (Squid 3.5)
+ NOTE: Fixed in wheezy by DLA-556-1, c.f. CVE-2016-5408
CVE-2016-4044
RESERVED
CVE-2016-4043
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2016-07-26 11:37:31 UTC (rev 43489)
+++ data/DLA/list 2016-07-26 11:39:46 UTC (rev 43490)
@@ -13,7 +13,7 @@
[23 Jul 2016] DLA-557-1 dietlibc - security update
[wheezy] - dietlibc 0.33~cvs20120325-4+deb7u1
[22 Jul 2016] DLA-556-1 squid3 - security update
- {CVE-2016-4051}
+ {CVE-2016-5408}
[wheezy] - squid3 3.1.20-2.2+deb7u6
[21 Jul 2016] DLA-555-1 python-django - security update
{CVE-2016-6186}
More information about the Secure-testing-commits
mailing list