ubuntu/+source/squid3:applied/ubuntu/xenial-security

Last commit made on 2019-12-04
Get this branch:
git clone -b applied/ubuntu/xenial-security https://git.launchpad.net/ubuntu/+source/squid3
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-security
Repository:
lp:ubuntu/+source/squid3

Recent commits

9ee5a4c... by Marc Deslauriers on 2019-11-20

Import patches-applied version 3.5.12-1ubuntu7.9 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9eec1fc1d049497dd01415f0a0d844f7bf2d0d3b
Unapplied parent: d5a22567b8cd0d695a090eec8d278909545a3e9a

New changelog entries:
  * SECURITY UPDATE: Heap Overflow issue in URN processing
    - debian/patches/CVE-2019-12526.patch: fix URN response handling in
      src/urn.cc.
    - CVE-2019-12526
  * SECURITY UPDATE: CSRF issue in HTTP Request processing
    - debian/patches/CVE-2019-18677.patch: prevent truncation for large
      origin-relative domains in src/URL.h, src/internal.cc, src/url.cc.
    - CVE-2019-18677
  * SECURITY UPDATE: HTTP Request Splitting in HTTP message processing
    - debian/patches/CVE-2019-18678.patch: server MUST reject messages with
      BWS after field-name in src/HttpHeader.cc, src/HttpHeader.h.
    - CVE-2019-18678
    - CVE-2019-18679

d5a2256... by Marc Deslauriers on 2019-11-20

CVE-2019-18678.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2019-18678.patch.

31bb14c... by Marc Deslauriers on 2019-11-20

CVE-2019-18677.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2019-18677.patch.

57d857f... by Marc Deslauriers on 2019-11-20

CVE-2019-12526.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2019-12526.patch.

e1db6e5... by Marc Deslauriers on 2019-11-20

[PATCH] Replace uudecode with libnettle base64 decoder (#406)

Gbp-Pq: CVE-2019-12529.patch.

e9cd3ae... by Marc Deslauriers on 2019-11-20

[PATCH] Fix Digest auth parameter parsing (#415)

Gbp-Pq: CVE-2019-12525.patch.

b0f6905... by Marc Deslauriers on 2019-11-20

[PATCH] Bug 4957: Multiple XSS issues in cachemgr.cgi (#429)

Gbp-Pq: CVE-2019-13345.patch.

43d4e92... by Marc Deslauriers on 2019-11-20

CVE-2018-19132.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2018-19132.patch.

74aee1d... by Marc Deslauriers on 2019-11-20

CVE-2018-1000027.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2018-1000027.patch.

82c1e7f... by Marc Deslauriers on 2019-11-20

CVE-2018-1000024.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2018-1000024.patch.