Ubuntu
squid3 package

Branches for Quantal

Name Status Last Modified Last Commit
lp:ubuntu/quantal/squid3 bug 2 Mature 2012-07-13 09:15:17 UTC
41. * Merge from Debian testing (LP: #101...

Author: Stefan Bader
Revision Date: 2012-06-22 14:18:00 UTC

* Merge from Debian testing (LP: #1016560). Remaining changes:
  + debian/control:
    - Update maintainer.
    - Suggests apparmor (>= 2.3)
    - Depends on ssl-cert ((>= 1.0-11ubuntu1)
    - Add transitional dummy packages
  + debian/squid3.upstart
    - Move ulimit command to script section so that it applies
      to the started squid daemon. Thanks to Timur Irmatov (LP: 986159)
    - Work around squid not handling SIGHUP by adding respawn to
      upstart job. (LP: 978356)
  + debian/NEWS.Debian: Rename NEWS.debian, add note regarding squid3
    transition in 12.04 (LP: 924739)
  + debian/rules
    - Re-enable all hardening options lost in the squid->squid3
      transition (LP: 986314)
  + squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm,
    debian/squid3.preinst, debian/squid3.prerm:
    - Convert init script to upstart
  + debian/patches/99-ubuntu-ssl-cert-snakeoil:
    - Use snakeoil certificates.
  + debian/logrotate
    - Use sar-reports rather than sarg-maint. (LP: 26616)
  + debian/patches/90-cf.data.ubuntu.dpatch:
    - Add an example refresh pattern for debs.
      (foundations-lucid-local-report spec)
  + Add disabled by default AppArmor profile (LP: 497790)
    - debian/squid3.upstart: load profile in pre-start stanza
    - add debian/usr.sbin.squid3 profile
    - debian/rules:
      + install debian/usr.sbin.squid3, etc/apparmor.d/force-complain and
        etc/apparmor.d/disable into $(INSTALLDIR)
      + use dh_apparmor
    - debian/squid3.install: install etc/apparmor.d/disable, force-complain
      and usr.sbin.squid3
    - debian/squid3.preinst: disable profile on clean install or upgrades
      from earlier than when we shipped the profile
lp:ubuntu/quantal-security/squid3 2 Mature 2013-01-31 03:49:04 UTC
42. * SECURITY UPDATE: denial of service ...

Author: Seth Arnold
Revision Date: 2013-01-28 17:44:23 UTC

* SECURITY UPDATE: denial of service via cachemgr.cgi insufficient input
  validation
  - debian/patches/98-CVE-2012-5643.patch: modify cachemgr.cc to properly
    free memory and handle input in chunks
  - Based on
    http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2012_1.patch
  - CVE-2012-5643
  - CVE-2013-0189
lp:ubuntu/quantal-updates/squid3 2 Mature 2013-01-31 04:16:09 UTC
42. * SECURITY UPDATE: denial of service ...

Author: Seth Arnold
Revision Date: 2013-01-28 17:44:23 UTC

* SECURITY UPDATE: denial of service via cachemgr.cgi insufficient input
  validation
  - debian/patches/98-CVE-2012-5643.patch: modify cachemgr.cc to properly
    free memory and handle input in chunks
  - Based on
    http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2012_1.patch
  - CVE-2012-5643
  - CVE-2013-0189
lp:~ubuntu-branches/ubuntu/quantal/squid3/quantal-201206131513 (Has a merge proposal) 1 Development 2012-06-13 15:13:54 UTC
38. * debian/rules: re-enable all hardeni...

Author: Steve Beattie
Revision Date: 2012-04-20 11:09:46 UTC

* debian/rules: re-enable all hardening options lost in the
  squid->squid3 transition (LP: #986314)
* debian/squid3.upstart: move ulimit command to script section
  so that it applies to the started squid daemon. Thanks to Timur
  Irmatov (LP: #986159)
14 of 4 results FirstPreviousNextLast