oss-sec mailing list archives
Re: CVE Request -- Squid v3.1.16 -- Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record
From: Henrik Nordström <henrik () henriknordstrom net>
Date: Mon, 31 Oct 2011 21:34:42 +0100
mån 2011-10-31 klockan 14:20 -0600 skrev Kurt Seifried:
Could you allocate a CVE id for this? (cc-ed Henrik and Jiri for their opinion / comments too, if this should be considered a security issue or not)I'd say so, in the past we have: CVE-2010-2951, CVE-2010-0639, CVE-2009-3700, etc. Lots of similar ones.
Agreed. Regards Henrik
Current thread:
- CVE Request -- Squid v3.1.16 -- Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record Jan Lieskovsky (Oct 31)
- Re: CVE Request -- Squid v3.1.16 -- Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record Kurt Seifried (Oct 31)
- Re: CVE Request -- Squid v3.1.16 -- Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record Henrik Nordström (Nov 01)
- Re: CVE Request -- Squid v3.1.16 -- Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record Kurt Seifried (Oct 31)