diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-03 20:59:19 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-08-03 20:59:19 +0200 |
commit | aca16d7e81de0ab4867d7c686afdb98850811c21 (patch) | |
tree | b2ee0522b2d538de8d31fe1e71f7131e32c947c7 /data | |
parent | fbfdbe4f543fd68877430bf4fb7a738c0df3c85c (diff) |
Update information on CVE-2019-12522
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index 4f6716a6e6..51e0a54212 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -63510,7 +63510,13 @@ CVE-2019-12523 (An issue was discovered in Squid before 4.9. When handling a URN NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_8.txt NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-fbbdf75efd7a5cc244b4886a9d42ea458c5a3a73.patch CVE-2019-12522 (An issue was discovered in Squid through 4.7. When Squid is run as roo ...) - TODO: check + - squid <unfixed> (unimportant) + - squid3 <removed> (unimportant) + NOTE: Only causes problems if some other vulnerability is used to compromise the proxy. + NOTE: There is no upstream plan to fix the issue. The issue here is that some child + NOTE: processes run as low-privilege but stay in a state where they can resume root + NOTE: privileges. That is needed for reconfigure still. Architectural changes are needed + NOTE: to resolve it without breaking some installations. CVE-2019-12521 (An issue was discovered in Squid through 4.7. When Squid is parsing ES ...) {DSA-4682-1 DLA-2278-1} - squid 4.11-1 |