Skip to content
Commits on Source (5)
Show whitespace changes
Inline Side-by-side
data/CVE/list
View file @ 7ab89c98
......@@ -128132,7 +128132,7 @@ CVE-2018-1173 (This vulnerability allows remote attackers to execute arbitrary c
NOT-FOR-US: Foxit Reader
CVE-2018-1172 (This vulnerability allows remote attackers to deny service on vulnerab ...)
[experimental] - squid 4.0.21-1~exp5 (unimportant)
- squid <removed> (unimportant)
- squid 4.1-1 (unimportant)
[wheezy] - squid <not-affected> (Vunerable code introduced in 3.1)
- squid3 <unfixed> (unimportant)
NOTE: src:squid as source package reintroduced for 4.x in experimental
......@@ -205478,7 +205478,7 @@ CVE-2016-2391 (The ohci_bus_start function in the USB OHCI emulation support (hw
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1304794
NOTE: http://www.openwall.com/lists/oss-security/2016/02/16/2
CVE-2016-2390 (The FwdState::connectedToPeer method in FwdState.cc in Squid before 3. ...)
- squid <removed> (unimportant)
- squid 4.1-1 (unimportant)
- squid3 3.5.14-1 (unimportant)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_1.txt
NOTE: Only affects custom builds with --enable-ssl (disabled for license purposes in Debian)
......@@ -228012,7 +228012,7 @@ CVE-2015-3622 (The _asn1_extract_der_octet function in lib/decoding.c in GNU Lib
NOTE: Introduced by http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=609d5c1366fb424f6150c4eed358d246e61cf204 (libtasn1_3_6)
NOTE: DECR_LEN introduced in http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=154909136c12cfa5c60732b7210827dfb1ec6aee (libtasn1_3_6)
CVE-2015-3455 (Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, a ...)
- squid <removed> (unimportant)
- squid 4.1-1 (unimportant)
- squid3 3.5.6-1 (unimportant)
NOTE: http://www.squid-cache.org/Advisories/SQUID-2015_1.txt
NOTE: Only affects custom builds with --enable-ssl (disabled for license purposes in Debian)
......@@ -247687,8 +247687,8 @@ CVE-2014-6311 (generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable
CVE-2014-6310 (Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attacker ...)
- chicken <not-affected> (Affects only CHICKEN Scheme on the Android platform)
CVE-2014-6270 (Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squi ...)
- squid <removed> (unimportant)
NOTE: SNMP not built in squid 2
- squid 4.1-1 (unimportant)
NOTE: SNMP was not built in squid 2.x
- squid3 3.4.8-1 (low; bug #761002)
[wheezy] - squid3 <no-dsa> (Minor issue)
[squeeze] - squid3 <no-dsa> (Minor issue)
......@@ -340951,7 +340951,7 @@ CVE-2009-0803 (SmoothWall SmoothGuardian, as used in SmoothWall Firewall, Networ
CVE-2009-0802 (Qbik WinGate, when transparent interception mode is enabled, uses the ...)
NOT-FOR-US: Qbik WinGate
CVE-2009-0801 (Squid, when transparent interception mode is enabled, uses the HTTP Ho ...)
- squid <unfixed> (unimportant; bug #521053)
- squid 4.1-1 (unimportant; bug #521053)
- squid3 3.3.3-1 (unimportant; bug #521052)
NOTE: This only affects HTTP connections and only in transparent mode
NOTE: Also, same origin validations in the browsers still apply and keep this mostly harmless