ubuntu/+source/squid:applied/ubuntu/eoan-devel

Last commit made on 2019-07-19
Get this branch:
git clone -b applied/ubuntu/eoan-devel https://git.launchpad.net/ubuntu/+source/squid
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/eoan-devel
Repository:
lp:ubuntu/+source/squid

Recent commits

5195920... by Marc Deslauriers on 2019-07-19

Import patches-applied version 4.6-2ubuntu4 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: e860e85c167f0d7ca8e5869fe9e672eacdf916eb
Unapplied parent: 66211df36e6f2cb50b7ceaa6ab8b2bd830246f16

New changelog entries:
  * Fix gcc-9 issues (LP: #1835831)
    - Remove -Wno-sizeof-pointer-memaccess -Wno-stringop-truncation
    - debian/patches/more-gcc-9-fixes.patch: switch to xstrncpy in
      lib/smblib/smblib-util.c.
  * SECURITY UPDATE: incorrect digest auth parameter parsing
    - debian/patches/CVE-2019-12525.patch: check length in
      src/auth/digest/Config.cc.
    - CVE-2019-12525
  * SECURITY UPDATE: buffer overflow in basic auth decoding
    - debian/patches/CVE-2019-12527.patch: switch to SBuf in
      src/HttpHeader.cc, src/HttpHeader.h, src/cache_manager.cc,
      src/clients/FtpGateway.cc.
    - CVE-2019-12527
  * SECURITY UPDATE: basic auth uudecode length issue
    - debian/patches/CVE-2019-12529.patch: replace uudecode with libnettle
      base64 decoder in lib/Makefile.*, src/auth/basic/Config.cc,
      include/uudecode.h, lib/uudecode.c.
    - CVE-2019-12529
  * SECURITY UPDATE: XSS issues in cachemgr.cgi
    - debian/patches/CVE-2019-13345.patch: properly escape values in
      tools/cachemgr.cc.
    - CVE-2019-13345

66211df... by Marc Deslauriers on 2019-07-19

[PATCH] Bug 4957: Multiple XSS issues in cachemgr.cgi (#429)

Gbp-Pq: CVE-2019-13345.patch.

7308932... by Marc Deslauriers on 2019-07-19

[PATCH] Replace uudecode with libnettle base64 decoder (#406)

Gbp-Pq: CVE-2019-12529.patch.

057aeac... by Marc Deslauriers on 2019-07-19

[PATCH] Update HttpHeader::getAuth to SBuf (#416)

Gbp-Pq: CVE-2019-12527.patch.

590a8d7... by Marc Deslauriers on 2019-07-19

[PATCH] Fix Digest auth parameter parsing (#415)

Gbp-Pq: CVE-2019-12525.patch.

d8571ca... by Marc Deslauriers on 2019-07-19

[PATCH] Bug 4969: GCC-9 build failure: stringop-truncation and others

Gbp-Pq: more-gcc-9-fixes.patch.

aaffa60... by Marc Deslauriers on 2019-07-19

[PATCH 1/8] Allow copying of the terminator in html_quote()

Gbp-Pq: 413.patch.

eeeeea1... by Marc Deslauriers on 2019-07-19

Fix assertion error when rotating logs

Gbp-Pq: fix-rotate-assertion.patch.

c2f7aba... by Marc Deslauriers on 2019-07-19

99-ubuntu-ssl-cert-snakeoil.patch

No DEP3 Subject or Description header found

Gbp-Pq: 99-ubuntu-ssl-cert-snakeoil.patch.

3c4e526... by Marc Deslauriers on 2019-07-19

90-cf.data.ubuntu.patch

No DEP3 Subject or Description header found

Gbp-Pq: 90-cf.data.ubuntu.patch.