Roberto C. Sánchez pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eae26065 by Roberto C. Sánchez at 2019-07-20T19:06:32Z
LTS/update status of CVE-2019-12527/squid3
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4884,9 +4884,10 @@ CVE-2019-12528
CVE-2019-12527 (An issue was discovered in Squid 4.0.23 through 4.7. When
checking Bas ...)
- squid 4.8-1
- squid3 <removed>
+ [jessie] - squid3 <not-affected> (Vulnerable code is not present)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_5.txt
NOTE:
http://www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch
- TODO: check why this owuld not affect 3.x versions of upstream Squid.
+ NOTE: The code in squid 3.x limits the amount of input data decoded to
one byte less than the length of the target buffer, whilst in 4.x the entire
input is decoded without regard for the size of the target buffer
CVE-2019-12526
RESERVED
CVE-2019-12525 (An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x
through ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/eae26065ca3b0d03b108c5428a228c3f0f7661f3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/eae26065ca3b0d03b108c5428a228c3f0f7661f3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
