Secure testing commits - Jan 2010 - r13920 - data/CVE

Author: pedrib-guest
Date: 2010-01-25 23:33:37 +0000 (Mon, 25 Jan 2010)
New Revision: 13920

Modified:
   data/CVE/list
Log:
fixe latent issues in opensaml2 and squid


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-01-25 22:18:52 UTC (rev 13919)
+++ data/CVE/list	2010-01-25 23:33:37 UTC (rev 13920)
@@ -4445,7 +4445,8 @@
 	{DSA-1947-1}
 	- shibboleth-sp2 2.3+dfsg-1 (medium; bug #555608)
 	- shibboleth-sp <removed> (medium)
-	NOTE: xmltooling/opensaml2 also needs to be updated, changed in sid in
1.3.1-1/2.3-1
+	- opensaml2 2.3-1 (medium)
+	NOTE: xmltooling also needs to be updated, changed in sid in 1.3.1-1
 CVE-2009-3299 (Cross-site scripting (XSS) vulnerability in the resume blocktype
in ...)
 	{DSA-1924-1}
 	- mahara 1.1.7-1 (low)
@@ -7207,9 +7208,15 @@
 CVE-2009-2622 (Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows
remote ...)
 	{DSA-1843-2 DSA-1843-1}
 	- squid3 3.0.STABLE18-1 (medium; bug #538989)
+	- squid <not-affected> (see NOTE)
+	NOTE: squid 2.x not affected, according to 
+	NOTE: http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
 CVE-2009-2621 (Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not
...)
 	{DSA-1843-2 DSA-1843-1}
 	- squid3 3.0.STABLE18-1 (medium; bug #538989)
+	- squid <not-affected> (see NOTE)
+	NOTE: squid 2.x not affected, according to 
+	NOTE: http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
 CVE-2009-2595 (Cross-site scripting (XSS) vulnerability in productSearch.html
in ...)
 	NOT-FOR-US: Censura
 CVE-2009-2594 (Cross-site scripting (XSS) vulnerability in censura.php in
Censura ...)