[Secure-testing-commits] r37071 - data/CVE

Sun, 11 Oct 2015 22:07:14 -0700 

Author: fgeek-guest
Date: 2015-10-12 05:06:01 +0000 (Mon, 12 Oct 2015)
New Revision: 37071

Modified:
   data/CVE/list
Log:
CVE-2014-9749 assigned for vulnerability in squid

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-10-12 03:47:18 UTC (rev 37070)
+++ data/CVE/list       2015-10-12 05:06:01 UTC (rev 37071)
@@ -242,8 +242,15 @@
        {DSA-3154-2 DSA-3154-1 DLA-149-1}
        - ntp 1:4.2.6.p5+dfsg-5
        NOTE: http://bugs.ntp.org/show_bug.cgi?id=2671
-CVE-2014-9749
+CVE-2014-9749 [Digest authentification never replay Ldap requests]
        RESERVED
+       - squid <not-affected> (related code not present in 2.7.X)
+       - squid3 3.4.8-6 (bug #776464)
+       [wheezy] - squid3 <no-dsa> (Minor issue)
+       [squeeze] - squid3 <no-dsa> (Minor issue)
+       NOTE: http://bugs.squid-cache.org/show_bug.cgi?id=4066
+       NOTE: http://bazaar.launchpad.net/~squid/squid/3.4/revision/13211 
(Squid 3.4)
+       NOTE: http://bazaar.launchpad.net/~squid/squid/3.5/revision/13735 
(Squid 3.5)
 CVE-2014-9748
        RESERVED
 CVE-2015-7713 [Nova network security group changes are not applied to running 
instances]
@@ -17723,15 +17730,6 @@
 CVE-2015-1554 [can be crashed by some network traffic]
        RESERVED
        - kgb-bot <undetermined> (bug #776424)
-CVE-2014-XXXX [Digest authentification never replay Ldap requests]
-       - squid <not-affected> (related code not present in 2.7.X)
-       - squid3 3.4.8-6 (bug #776464)
-       [wheezy] - squid3 <no-dsa> (Minor issue)
-       [squeeze] - squid3 <no-dsa> (Minor issue)
-       NOTE: http://bugs.squid-cache.org/show_bug.cgi?id=4066
-       NOTE: http://bazaar.launchpad.net/~squid/squid/3.4/revision/13211 
(Squid 3.4)
-       NOTE: http://bazaar.launchpad.net/~squid/squid/3.5/revision/13735 
(Squid 3.5)
-       NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/10/01/1
 CVE-2015-1369 (SQL injection vulnerability in Sequelize before 2.0.0-rc7 for 
Node.js ...)
        NOT-FOR-US: sequelize
 CVE-2015-1354


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to