~ahasenack/ubuntu/+source/squid3:xenial-squid-reload-1738412

Last commit made on 2018-10-31
Get this branch:
git clone -b xenial-squid-reload-1738412 https://git.launchpad.net/~ahasenack/ubuntu/+source/squid3
Only Andreas Hasenack can upload to this branch. If you are Andreas Hasenack please log in for upload directions.

Branch merges

Branch information

Name:
xenial-squid-reload-1738412
Repository:
lp:~ahasenack/ubuntu/+source/squid3

Recent commits

952103b... by Andreas Hasenack on 2018-10-31

changelog

aeca44c... by Andreas Hasenack on 2018-10-30

  * d/t/squid: use a shorter shutdown timeout for the tests, so they
    run faster

9e1145b... by Andreas Hasenack on 2018-10-30

  * d/t/control: drop uneeded dependency on python-unit.

a06c85f... by Andreas Hasenack on 2018-10-30

  * d/t/test-squid.py: in xenial, initscript, apparmor profile, pidfile and
    process are named squid, not squid3. Get rid of the multiple distro
    logic since these tests will be only run on xenial.

f6cbea5... by Andreas Hasenack on 2018-10-29

  * d/squid.rc: fix regexp for catching FATAL errors (LP: #1738412)

5dc496f... by Marc Deslauriers on 2018-02-01

Import patches-unapplied version 3.5.12-1ubuntu7.5 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 1ba3c2f3ef77a1fe4f1e2989052562b19fc9401d

New changelog entries:
  * SECURITY UPDATE: various denial of service issues
    - debian/patches/CVE-2016-25xx-1.patch: better handling of huge
      response headers in src/http.cc.
    - debian/patches/CVE-2016-25xx-2.patch: throw instead of asserting on
      some String overflows in src/SquidString.h, src/StrList.cc,
      src/String.cc, src/clients/Client.cc, src/clients/Client.h,
      src/clients/FtpClient.cc, src/http.cc.
    - debian/patches/CVE-2016-25xx-3.patch: fix assertion in custom ESI
      parser in src/esi/CustomParser.cc, src/esi/CustomParser.h.
    - debian/patches/CVE-2016-25xx-4.patch: fix assertion in
      src/FwdState.cc, src/FwdState.h, src/clients/Client.h, src/comm.cc,
      src/comm.h, src/http.cc.
    - CVE-2016-2569
    - CVE-2016-2570
    - CVE-2016-2571
  * SECURITY UPDATE: denial of service via crafted HTTP response
    - debian/patches/CVE-2016-3948.patch: convert Vary handling to SBuf in
      src/HttpRequest.cc, src/HttpRequest.h, src/MemObject.cc,
      src/MemObject.h, src/MemStore.cc, src/StoreMetaVary.cc,
      src/client_side.cc, src/client_side_reply.cc, src/http.cc,
      src/http.h, src/store.cc, src/store_key_md5.cc,
      src/store_swapmeta.cc, src/tests/stub_MemObject.cc,
      src/tests/stub_http.cc.
    - CVE-2016-3948
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

1ba3c2f... by Andreas Hasenack on 2017-07-07

Import patches-unapplied version 3.5.12-1ubuntu7.4 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: b61f91a35ac79a109d6500c473f2022dc00d0a49
Upload parent: 5f7ab78087284b0dd978134c81168088d9e8f556

New changelog entries:
  * debian/patches/passive-ftp-segfault-1560429.patch: Fix for segfault
    when ftp passive mode is not available. Closes: #793473, LP:
    #1560429.

5f7ab78... by Robie Basak on 2017-07-25

d/p/passive-ftp-segf...: fix dep3 headers

As the patch was modified from upstream, this should be "Origin:
backport, ...", not "upstream, ...".

We can acknowledge authorship of both the original author and the
backporter here, too.

9bea0f5... by Robie Basak on 2017-07-25

d/p/passive-ftp-segf...: refresh to reduce noise

Using "-p ab --no-timestamps --no-index" reduces diff noise in future
quilt refreshes.

f66bf41... by Andreas Hasenack on 2017-07-05

changelog