~ahasenack/ubuntu/+source/squid:eoan-squid-4.8-merge

Last commit made on 2019-07-31
Get this branch:
git clone -b eoan-squid-4.8-merge https://git.launchpad.net/~ahasenack/ubuntu/+source/squid
Only Andreas Hasenack can upload to this branch. If you are Andreas Hasenack please log in for upload directions.

Branch merges

Branch information

Name:
eoan-squid-4.8-merge
Repository:
lp:~ahasenack/ubuntu/+source/squid

Recent commits

7e4b443... by Andreas Hasenack on 2019-07-31

changelog

90ead55... by Andreas Hasenack on 2019-07-30

  * Added:
    - d/t/test-squid.py: test_zz_apparmor(): bail early if securityfs isn't
      mounted

8fe36b0... by Andreas Hasenack on 2019-07-24

update-maintainer

d7a5b19... by Andreas Hasenack on 2019-07-24

reconstruct-changelog

7490d95... by Andreas Hasenack on 2019-07-24

merge-changelogs

b99f71b... by Andreas Hasenack on 2019-07-24

    - SECURITY UPDATE: XSS issues in cachemgr.cgi
      + debian/patches/CVE-2019-13345.patch: properly escape values in
        tools/cachemgr.cc.
      + CVE-2019-13345
      [Fixed upstream]

9cdbab0... by Andreas Hasenack on 2019-07-24

    - SECURITY UPDATE: basic auth uudecode length issue
      + debian/patches/CVE-2019-12529.patch: replace uudecode with libnettle
        base64 decoder in lib/Makefile.*, src/auth/basic/Config.cc,
        include/uudecode.h, lib/uudecode.c.
      + CVE-2019-12529
      [Fixed upstream]

0c81e07... by Andreas Hasenack on 2019-07-24

    - SECURITY UPDATE: buffer overflow in basic auth decoding
      + debian/patches/CVE-2019-12527.patch: switch to SBuf in
        src/HttpHeader.cc, src/HttpHeader.h, src/cache_manager.cc,
        src/clients/FtpGateway.cc.
      + CVE-2019-12527
      [Fixed upstream]

966adb5... by Andreas Hasenack on 2019-07-24

    - SECURITY UPDATE: incorrect digest auth parameter parsing
      + debian/patches/CVE-2019-12525.patch: check length in
        src/auth/digest/Config.cc.
      + CVE-2019-12525
      [Fixed upstream]

53311a8... by Andreas Hasenack on 2019-07-24

    - debian/patches/413.patch: Fix gcc-9 build issues with upstream merged
      patch
      [Fixed upstream]