diff options
| author | nectar <nectar@FreeBSD.org> | 2004-03-27 01:26:51 +0800 |
|---|---|---|
| committer | nectar <nectar@FreeBSD.org> | 2004-03-27 01:26:51 +0800 |
| commit | 57826cfd221ef984acdad19cdb5d6072852e8a98 (patch) | |
| tree | 739226ed591505b7824450704ac7498c3774c8d0 /security | |
| parent | 29504a1733cd785b4b60271a458abd82e2622629 (diff) | |
| download | freebsd-ports-gnome-57826cfd221ef984acdad19cdb5d6072852e8a98.tar.gz freebsd-ports-gnome-57826cfd221ef984acdad19cdb5d6072852e8a98.tar.zst freebsd-ports-gnome-57826cfd221ef984acdad19cdb5d6072852e8a98.zip | |
Oops, empty <topic> tag. Fill in for squid ACL bypass issue.
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 64f7af596085..bb5dbb9d8427 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -33,7 +33,7 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> <vuln vid="705e003a-7f36-11d8-9645-0020ed76ef5a"> - <topic></topic> + <topic>squid ACL bypass due to URL decoding bug</topic> <affects> <package> <name>squid</name> @@ -45,7 +45,7 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. <p>From the Squid advisory:</p> <blockquote cite="http://www.squid-cache.org/Advisories/SQUID-2004_1.txt"> - <p> Squid versions 2.5.STABLE4 and earlier contain a bug + <p>Squid versions 2.5.STABLE4 and earlier contain a bug in the "%xx" URL decoding function. It may insert a NUL character into decoded URLs, which may allow users to bypass url_regex ACLs.</p> |