ubuntu/+source/squid:applied/ubuntu/disco-devel

Last commit made on 2019-07-18
Get this branch:
git clone -b applied/ubuntu/disco-devel https://git.launchpad.net/ubuntu/+source/squid
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/disco-devel
Repository:
lp:ubuntu/+source/squid

Recent commits

59ee84f... by Marc Deslauriers on 2019-07-16

Import patches-applied version 4.4-1ubuntu2.2 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 3a4bfb09e28a7546f8d91180c80d7e77d820fb58
Unapplied parent: bd746686b85e6fd401ee9961597b268b91e4c903

New changelog entries:
  * SECURITY UPDATE: incorrect digest auth parameter parsing
    - debian/patches/CVE-2019-12525.patch: check length in
      src/auth/digest/Config.cc.
    - CVE-2019-12525
  * SECURITY UPDATE: buffer overflow in basic auth decoding
    - debian/patches/CVE-2019-12527.patch: switch to SBuf in
      src/HttpHeader.cc, src/HttpHeader.h, src/cache_manager.cc,
      src/clients/FtpGateway.cc.
    - CVE-2019-12527
  * SECURITY UPDATE: basic auth uudecode length issue
    - debian/patches/CVE-2019-12529.patch: replace uudecode with libnettle
      base64 decoder in lib/Makefile.*, src/auth/basic/Config.cc,
      include/uudecode.h, lib/uudecode.c.
    - CVE-2019-12529

bd74668... by Marc Deslauriers on 2019-07-16

[PATCH] Replace uudecode with libnettle base64 decoder (#406)

Gbp-Pq: CVE-2019-12529.patch.

783123d... by Marc Deslauriers on 2019-07-16

[PATCH] Update HttpHeader::getAuth to SBuf (#416)

Gbp-Pq: CVE-2019-12527.patch.

77c9938... by Marc Deslauriers on 2019-07-16

[PATCH] Fix Digest auth parameter parsing (#415)

Gbp-Pq: CVE-2019-12525.patch.

eae5265... by Marc Deslauriers on 2019-07-16

[PATCH] Bug 4957: Multiple XSS issues in cachemgr.cgi (#429)

Gbp-Pq: CVE-2019-13345.patch.

d43ed0b... by Marc Deslauriers on 2019-07-16

Fix assertion error when rotating logs

Gbp-Pq: fix-rotate-assertion.patch.

125817b... by Marc Deslauriers on 2019-07-16

Workaround gcc's maybe-uninitialized error in parse_time_t

Gbp-Pq: fix-uninitialized-var.patch.

182b6e1... by Marc Deslauriers on 2019-07-16

99-ubuntu-ssl-cert-snakeoil.patch

No DEP3 Subject or Description header found

Gbp-Pq: 99-ubuntu-ssl-cert-snakeoil.patch.

058c4c6... by Marc Deslauriers on 2019-07-16

90-cf.data.ubuntu.patch

No DEP3 Subject or Description header found

Gbp-Pq: 90-cf.data.ubuntu.patch.

3c54f81... by Marc Deslauriers on 2019-07-16

Use installed squid binary for Debian CI testing

Gbp-Pq: 0003-installed-binary-for-debian-ci.patch.