[Secure-testing-commits] r40479 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Mar 20 15:05:46 UTC 2016
Author: carnil
Date: 2016-03-20 15:05:45 +0000 (Sun, 20 Mar 2016)
New Revision: 40479
Modified:
data/CVE/list
Log:
Correct reference for CVE-2016-2570
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-20 13:33:13 UTC (rev 40478)
+++ data/CVE/list 2016-03-20 15:05:45 UTC (rev 40479)
@@ -2519,7 +2519,6 @@
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13990.patch
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14548.patch
- NOTE: http://bugs.squid-cache.org/show_bug.cgi?id=3870
NOTE: Upstream confirmed it does not affect squid 2.7.x
CVE-2016-2570 (The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x ...)
- squid3 3.5.15-1 (bug #816011)
@@ -2528,6 +2527,7 @@
- squid <not-affected> (Vulnerable code not present)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13993.patch
+ NOTE: http://bugs.squid-cache.org/show_bug.cgi?id=3870
NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14549.patch
NOTE: Upstream confirmed it does not affect squid 2.7.x
NOTE: It's maybe too instrusive to fix in 3.1 (squeeze and wheezy).
More information about the Secure-testing-commits
mailing list