[Git][security-tracker-team/security-tracker][master] Reserve DLA-1847-1 for squid3
Chris Lamb
lamby at debian.org
Sun Jul 7 21:00:54 BST 2019
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3adb6137 by Chris Lamb at 2019-07-07T20:00:40Z
Reserve DLA-1847-1 for squid3
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[07 Jul 2019] DLA-1847-1 squid3 - security update
+ {CVE-2019-13345}
+ [jessie] - squid3 3.4.8-6+deb8u7
[07 Jul 2019] DLA-1846-1 unzip - security update
{CVE-2019-13232}
[jessie] - unzip 6.0-16+deb8u4
=====================================
data/dla-needed.txt
=====================================
@@ -119,10 +119,6 @@ sqlite3
NOTE: 20190617: A preliminary package with *just* the (presumably) CVE-2019-5827 patches backported:
NOTE: 20190617: https://people.debian.org/~mejo/debian/jessie-security/sqlite3_3.8.7.1-1+deb8u5.dsc
--
-squid3 (Chris Lamb)
- NOTE: 20190707: 2 XSS: first one unaffected AFAICS, second one reflected
- NOTE: 20190707: cachemgr.cgi allows sensitive operations if authenticated (beuc)
---
squirrelmail
NOTE: 20190702: no patch available, upstream apparently inactive,
NOTE: 20190702: reporter just recommends disabling HTML viewing of messages
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3adb61376a43b7b55f6c6c1487cb3a7bd974d2cc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3adb61376a43b7b55f6c6c1487cb3a7bd974d2cc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190707/1081a5bc/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list