FreeBSD Bugzilla – Attachment 213164 Details for
Bug 245433
security/vuxml: Add Squid 4.10 vulnerability entries
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch 4.10
vuxml-squid.diff (text/plain), 1.86 KB, created by
Michael Muenz
on 2020-04-07 20:25:31 UTC
(
hide
)
Description:
patch 4.10
Filename:
MIME Type:
Creator:
Michael Muenz
Created:
2020-04-07 20:25:31 UTC
Size:
1.86 KB
patch
obsolete
>diff -Naur vuxml/vuln.xml vuxml-squid/vuln.xml >--- vuxml/vuln.xml 2020-04-02 21:32:40.000000000 +0200 >+++ vuxml-squid/vuln.xml 2020-04-07 23:22:53.637597000 +0200 >@@ -58,6 +58,45 @@ > * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="57c1c2ee-7914-11ea-90bf-0800276545c1"> >+ <topic>Squid4 -- multiple vulnerabilities</topic> >+ <affects> >+ <package> >+ <name>squid4</name> >+ <range><lt>4.10</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>The Squid developers reports:</p> >+ <blockquote cite="http://lists.squid-cache.org/pipermail/squid-announce/2020-February/000107.html"> >+ <p>Improper Input Validation issues in HTTP Request >+ processing (CVE-2020-8449, CVE-2020-8450).</p> >+ <p>Information Disclosure issue in FTP Gateway >+ (CVE-2019-12528).</p> >+ <p>Buffer Overflow issue in ext_lm_group_acl helper >+ (CVE-2020-8517).</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <url>http://lists.squid-cache.org/pipermail/squid-announce/2020-February/000107.html</url> >+ <url>https://nvd.nist.gov/vuln/detail/CVE-2020-8449</url> >+ <url>https://nvd.nist.gov/vuln/detail/CVE-2020-8450</url> >+ <url>https://nvd.nist.gov/vuln/detail/CVE-2019-12528</url> >+ <url>https://nvd.nist.gov/vuln/detail/CVE-2020-8517</url> >+ <cvename>CVE-2020-8449</cvename> >+ <cvename>CVE-2020-8450</cvename> >+ <cvename>CVE-2019-12528</cvename> >+ <cvename>CVE-2020-8517</cvename> >+ <freebsdpr>ports/244026</freebsdpr> >+ </references> >+ <dates> >+ <discovery>2020-02-10</discovery> >+ <entry>2020-04-07</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="9cb57a06-7517-11ea-b594-3065ec8fd3ec"> > <topic>chromium -- multiple vulnerabilities</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=213164">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 245433
:
213164
|
213177