Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7fb09e7d by Salvatore Bonaccorso at 2019-07-20T19:26:07Z
Update information for CVE-2019-12527/squid3
This is safe to mark this way as the version fremoved from the archive
matching 3.5.x series upstream was 3.5.27-1 and thus earlier as the
introducing version. There were no src:squid3 versions ever affected.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4883,8 +4883,7 @@ CVE-2019-12528
RESERVED
CVE-2019-12527 (An issue was discovered in Squid 4.0.23 through 4.7. When
checking Bas ...)
- squid 4.8-1
- - squid3 <removed>
- [jessie] - squid3 <not-affected> (Vulnerable code is not present)
+ - squid3 <not-affected> (Vulnerable code introduced in 4.0.23)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_5.txt
NOTE:
http://www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch
NOTE: The code in squid 3.x limits the amount of input data decoded to
one byte less
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7fb09e7ded31f8f32b0231e352bf61ef96d72911
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7fb09e7ded31f8f32b0231e352bf61ef96d72911
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
