Author: nion
Date: 2009-07-28 18:55:04 +0000 (Tue, 28 Jul 2009)
New Revision: 12433
Modified:
data/CVE/list
data/DSA/list
Log:
cveified squid3
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-07-28 17:19:38 UTC (rev 12432)
+++ data/CVE/list 2009-07-28 18:55:04 UTC (rev 12433)
@@ -1,6 +1,7 @@
-CVE-2009-XXXX [squid3 DoS]
+CVE-2009-2622 [squid3 DoS because of missing bounds checks]
- squid3 <unfixed> (medium; bug #538989)
- [etch] - squid2 <not-affected> (Vulnerable code introduce in 3.x)
+CVE-2009-2621 [squid3 DoS because of insufficient input validation from
req/resp]
+ - squid3 <unfixed> (medium; bug #538989)
CVE-2009-2595 (Cross-site scripting (XSS) vulnerability in productSearch.html
in ...)
NOT-FOR-US: Censura
CVE-2009-2594 (Cross-site scripting (XSS) vulnerability in censura.php in
Censura ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2009-07-28 17:19:38 UTC (rev 12432)
+++ data/DSA/list 2009-07-28 18:55:04 UTC (rev 12433)
@@ -1,4 +1,6 @@
[28 Jul 2009] DSA-1843-1 squid3 - denial of service
+ {CVE-2009-2621 CVE-2009-2622}
+ [etch] - squid <not-affected> (Vulnerable code introduced in 3.x)
[lenny] - squid3 3.0.STABLE8-3+lenny1
[28 Jul 2009] DSA-1842-1 openexr - several vulnerabilities
{CVE-2009-1720 CVE-2009-1721 CVE-2009-1722}