diff options
author | Sylvain Beucler <beuc@beuc.net> | 2019-07-07 12:02:58 +0200 |
---|---|---|
committer | Sylvain Beucler <beuc@beuc.net> | 2019-07-07 12:02:58 +0200 |
commit | 2210f008933a253c4bb719fe1b9c8b89e89ecd93 (patch) | |
tree | ffaa1fb512ecab1b5a0aeac0ec399ada174a3b10 | |
parent | 2b4454c21b87181cf09cd26ccc4df3f880c4e9d1 (diff) |
CVE-2019-13345/squid3: jessie triage
-rw-r--r-- | data/dla-needed.txt | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt index a87b658485..5be5d59730 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -118,6 +118,10 @@ sqlite3 NOTE: 20190617: A preliminary package with *just* the (presumably) CVE-2019-5827 patches backported: NOTE: 20190617: https://people.debian.org/~mejo/debian/jessie-security/sqlite3_3.8.7.1-1+deb8u5.dsc -- +squid3 + NOTE: 20190707: 2 XSS: first one unaffected AFAICS, second one reflected + NOTE: 20190707: cachemgr.cgi allows sensitive operations if authenticated (beuc) +-- squirrelmail NOTE: 20190702: no patch available, upstream apparently inactive, NOTE: 20190702: reporter just recommends disabling HTML viewing of messages |