Update information for CVE-2022-4131{7,8}/squid

author: Salvatore Bonaccorso <carnil@debian.org> 2022-09-23 08:48:24 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-09-23 08:48:24 +0200
commit: 9ec33a4fb03801d472dc93a34494f1e9797b8473 (patch)
tree: 9f3b061623e3fcab4101a767715a8705df14c94c /data/CVE/list
parent: 89090afc119770a3b381a30dace75588b8b09f47 (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 823eb948aa..bf8d3d8e8d 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -20,16 +20,18 @@ CVE-2022-3267 (Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rd
 	- rdiffweb <itp> (bug #969974)
 CVE-2022-3266
 	RESERVED
-CVE-2022-41318
+CVE-2022-41318 [Buffer Over Read in SSPI and SMB Authentication]
 	- squid <unfixed>
 	- squid3 <removed>
-	TODO: check
 	NOTE: https://www.openwall.com/lists/oss-security/2022/09/23/2
-CVE-2022-41317
+	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch
+	NOTE: Squid 5: http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_2.patch (5.7)
+CVE-2022-41317 [Exposure of Sensitive Information in Cache Manager]
 	- squid <unfixed>
 	- squid3 <removed>
-	TODO: check
 	NOTE: https://www.openwall.com/lists/oss-security/2022/09/23/1
+	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_1.patch
+	NOTE: Squid 5: http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_1.patch (5.7)
 CVE-2022-41313
 	RESERVED
 CVE-2022-41312
author	Salvatore Bonaccorso <carnil@debian.org>	2022-09-23 08:48:24 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-09-23 08:48:24 +0200
commit	9ec33a4fb03801d472dc93a34494f1e9797b8473 (patch)
tree	9f3b061623e3fcab4101a767715a8705df14c94c /data/CVE/list
parent	89090afc119770a3b381a30dace75588b8b09f47 (diff)