ubuntu/+source/squid:applied/ubuntu/feisty-security

Last commit made on 2008-04-14
Get this branch:
git clone -b applied/ubuntu/feisty-security https://git.launchpad.net/ubuntu/+source/squid
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/feisty-security
Repository:
lp:ubuntu/+source/squid

Recent commits

824ce1b... by Jamie Strandboge on 2008-04-11

Import patches-applied version 2.6.5-4ubuntu2.2 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 1fc6285904a4ef8a813513ef0e0a52b1e9ae48b7
Unapplied parent: e49062a1b7045b5e43f5da8b7e0ff3900747e39c

New changelog entries:
  * SECURITY UPDATE: off by one assertion could cause a denial of service
  * debian/patches/SECURITY_CVE-2008-1612.dpatch: fix arrayShrink() in
    lib/Array.c to properly check a->capacity

e49062a... by Jamie Strandboge on 2008-04-11

Import patches-unapplied version 2.6.5-4ubuntu2.2 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: b6371ee52fb27cf614e72142e5670584a54c775d

New changelog entries:
  * SECURITY UPDATE: off by one assertion could cause a denial of service
  * debian/patches/SECURITY_CVE-2008-1612.dpatch: fix arrayShrink() in
    lib/Array.c to properly check a->capacity

1fc6285... by Kees Cook on 2008-01-08

Import patches-applied version 2.6.5-4ubuntu2.1 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 80bbc4cdd87104427bc9e42db006eaffc25df412
Unapplied parent: b6371ee52fb27cf614e72142e5670584a54c775d

New changelog entries:
  * SECURITY UPDATE: denial of service through memory exhaustion.
  * Add cache_header_shrinking.dpatch: upstream fixes thanks to Martin Nagy.
  * References
    CVE-2007-6239

b6371ee... by Kees Cook on 2008-01-08

Import patches-unapplied version 2.6.5-4ubuntu2.1 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 954b36f4705817db0e771cbb901572294380987e

New changelog entries:
  * SECURITY UPDATE: denial of service through memory exhaustion.
  * Add cache_header_shrinking.dpatch: upstream fixes thanks to Martin Nagy.
  * References
    CVE-2007-6239

80bbc4c... by Kees Cook on 2007-03-22

Import patches-applied version 2.6.5-4ubuntu2 to applied/ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 24c900c79b1abd311acee3559faa61d3b9448f3c
Unapplied parent: 954b36f4705817db0e771cbb901572294380987e

New changelog entries:
  * SECURITY UPDATE: remote denial of service via TRACE method.
  * debian/patches/57-external-trace-crash.dpatch: upstream fix.
  * References
    http://www.squid-cache.org/Versions/v2/2.6/changesets/11349.patch
    CVE-2007-1560

954b36f... by Kees Cook on 2007-03-22

Import patches-unapplied version 2.6.5-4ubuntu2 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: dc5bb43657ac679eeff6dc830d849e724923db38

New changelog entries:
  * SECURITY UPDATE: remote denial of service via TRACE method.
  * debian/patches/57-external-trace-crash.dpatch: upstream fix.
  * References
    http://www.squid-cache.org/Versions/v2/2.6/changesets/11349.patch
    CVE-2007-1560

24c900c... by Kees Cook on 2007-01-22

Import patches-applied version 2.6.5-4ubuntu1 to applied/ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: ed6b30ca13afe2642ed0c8fd0090294b2e472014
Unapplied parent: dc5bb43657ac679eeff6dc830d849e724923db38

New changelog entries:
  * Merge from debian unstable, remaining changes:
    - Use snakeoil SSL cert.
  * Urgency high due to security issues
  * debian/patches/55-ftp-segfault.dpatch
    - Added upstream patch fixing DoS on specially crafted ftp urls
      (Closes: #407202) (Ref: SA23767)
  * debian/patches/56-external-acl-crash
    - Added upstream patch fixing external-acl crashing on high load
      conditions (Ref: CVE-2007-0248)
  * debian/po/es.po
    - Updated Spanish debconf translation, thanks to Javier Fernàndez-Sanguino
      Peña (Closes: #402677)

  * debian/po/pt.po
    - Added Portuguese debconf translation, thanks to Miguel Figueiredo
      (Closes: #399929)

dc5bb43... by Kees Cook on 2007-01-22

Import patches-unapplied version 2.6.5-4ubuntu1 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 07630572676f68cc8a8bff4532ce3e4eecfb06d8

New changelog entries:
  * Merge from debian unstable, remaining changes:
    - Use snakeoil SSL cert.
  * Urgency high due to security issues
  * debian/patches/55-ftp-segfault.dpatch
    - Added upstream patch fixing DoS on specially crafted ftp urls
      (Closes: #407202) (Ref: SA23767)
  * debian/patches/56-external-acl-crash
    - Added upstream patch fixing external-acl crashing on high load
      conditions (Ref: CVE-2007-0248)
  * debian/po/es.po
    - Updated Spanish debconf translation, thanks to Javier Fernàndez-Sanguino
      Peña (Closes: #402677)

  * debian/po/pt.po
    - Added Portuguese debconf translation, thanks to Miguel Figueiredo
      (Closes: #399929)

ed6b30c... by Oliver Grawert on 2006-11-20

Import patches-applied version 2.6.5-2ubuntu1 to applied/ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: b4c26b60f46b83028a6ba7cb4edba491b97d1c65
Unapplied parent: 07630572676f68cc8a8bff4532ce3e4eecfb06d8

New changelog entries:
  * Merge from debian unstable.
  * keep snakeoil cert patch
  * debian/rules
   - Remove mispelled configure option enablig TPROXY support
      (TPROXY support is NOT enabled since it needs kernel patches which
       are not in the kernel sources distributed by debian)
  * debian/control
    - Upgraded Standard-Version to 3.7.2.2 (no change needed)
    - Added Dependency on apache | httpd
  * debian/postinst
    - Removed bashism
  * debian/squid.rc
    - Added LSB INIT section
  * debian/squidclient.1
    - Fixed syntax errors in man page
  * New upstream release
    - Removed patched integreated upstream:
      + 50-coss-compile.patch

  * debian/watch
    - Updated local version
  * debian/patches/51-htcp-assert
    - Included upstream patch fixing error with big htcp packets
  * debian/patches/52-hosts-overflow
    - Included upstream patch fixing buffer overflow (Closes: #392866)
  * debian/patches/53-coss-assert
    - Included upstream patch fixing error while restarting a coss-enabled squid
  * debian/patches/54-aufs-assert
    - Included upstream patch removing an assert causing squid to fail while
      using aufs
  * debian/squid.rc
    - Fixed invoke-rc.d call on upgrade (Closes: #392713)
  * debian/patches/50-coss-compile.patch
    - Added upstream patch to fix compile time failure when aufs is enabled
      and coss is not. (Closes: #390934)
  * debian/patches/01-cf.data.pre
    - Reverted patch for default group setting. Make the default configuration
      file setting the effective group instead setting it in sources.
      (Closes: #381191)
  * debian/rules
    - Enabled coss storage method for Debian GNU/KfreeBSD
    - Added DEB_BUILD_OPTIONS dependent optimization and install options,
      allowing for easy builing of unstripped binary packages as per Policy
      10.1. (Closes: #384616)
    - Removed RunCache script installation
  * New upstream release (Closes: #389536)
  * debian/rules
    - Enabled coss store option
  * New upstream release (Closes: #383763)
  * debian/control
    - Update Build-Depend on libdb4.4-dev
  * New upstream release
    - Removed patches that have been integrated upstream:
      + debian/patches/49-xstrdup
      + debian/patches/48-kfreebsd-kqueue
    - Fixes 100% CPU usage on diskd fail (Closes: #380181)
    - Fixes error on double definition of redirectors (Closes: #370108)
  * debian/doc/FAQ*
    - Updated FAQs
  * debian/control
    - Added Replace: to squid-common (Closes: #379101)
    - Removed the old squid-common Conflicts: statement on squid
  * debian/patches/49-xstrdup
    - Added upstream patch that fixes an error on XSTRDUP
      (Closes: #379586)

0763057... by Oliver Grawert on 2006-11-20

Import patches-unapplied version 2.6.5-2ubuntu1 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 6d90e0c6dbaab39402c6a1807a501f61561db188

New changelog entries:
  * Merge from debian unstable.
  * keep snakeoil cert patch
  * debian/rules
   - Remove mispelled configure option enablig TPROXY support
      (TPROXY support is NOT enabled since it needs kernel patches which
       are not in the kernel sources distributed by debian)
  * debian/control
    - Upgraded Standard-Version to 3.7.2.2 (no change needed)
    - Added Dependency on apache | httpd
  * debian/postinst
    - Removed bashism
  * debian/squid.rc
    - Added LSB INIT section
  * debian/squidclient.1
    - Fixed syntax errors in man page
  * New upstream release
    - Removed patched integreated upstream:
      + 50-coss-compile.patch

  * debian/watch
    - Updated local version
  * debian/patches/51-htcp-assert
    - Included upstream patch fixing error with big htcp packets
  * debian/patches/52-hosts-overflow
    - Included upstream patch fixing buffer overflow (Closes: #392866)
  * debian/patches/53-coss-assert
    - Included upstream patch fixing error while restarting a coss-enabled squid
  * debian/patches/54-aufs-assert
    - Included upstream patch removing an assert causing squid to fail while
      using aufs
  * debian/squid.rc
    - Fixed invoke-rc.d call on upgrade (Closes: #392713)
  * debian/patches/50-coss-compile.patch
    - Added upstream patch to fix compile time failure when aufs is enabled
      and coss is not. (Closes: #390934)
  * debian/patches/01-cf.data.pre
    - Reverted patch for default group setting. Make the default configuration
      file setting the effective group instead setting it in sources.
      (Closes: #381191)
  * debian/rules
    - Enabled coss storage method for Debian GNU/KfreeBSD
    - Added DEB_BUILD_OPTIONS dependent optimization and install options,
      allowing for easy builing of unstripped binary packages as per Policy
      10.1. (Closes: #384616)
    - Removed RunCache script installation
  * New upstream release (Closes: #389536)
  * debian/rules
    - Enabled coss store option
  * New upstream release (Closes: #383763)
  * debian/control
    - Update Build-Depend on libdb4.4-dev
  * New upstream release
    - Removed patches that have been integrated upstream:
      + debian/patches/49-xstrdup
      + debian/patches/48-kfreebsd-kqueue
    - Fixes 100% CPU usage on diskd fail (Closes: #380181)
    - Fixes error on double definition of redirectors (Closes: #370108)
  * debian/doc/FAQ*
    - Updated FAQs
  * debian/control
    - Added Replace: to squid-common (Closes: #379101)
    - Removed the old squid-common Conflicts: statement on squid
  * debian/patches/49-xstrdup
    - Added upstream patch that fixes an error on XSTRDUP
      (Closes: #379586)