ubuntu/+source/squid3:applied/ubuntu/yakkety-devel

Last commit made on 2017-02-06
Get this branch:
git clone -b applied/ubuntu/yakkety-devel https://git.launchpad.net/ubuntu/+source/squid3
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/yakkety-devel
Repository:
lp:ubuntu/+source/squid3

Recent commits

619823a... by Marc Deslauriers on 2017-02-03

Import patches-applied version 3.5.12-1ubuntu8.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 1eb2a369c02d401fccb911787b61ad5d8e17d6d1
Unapplied parent: 540017bdeeb91f99a8aebb4713ac07bb77eb1a8e

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/LogTags.h, src/client_side.cc,
      src/client_side_reply.cc, src/client_side_reply.h.
    - CVE-2016-10002
  * SECURITY UPDATE: incorrect HTTP Request header comparison
    - debian/patches/CVE-2016-10003.patch: don't share private responses
      with collapsed client in src/client_side_reply.cc.
    - CVE-2016-10003

540017b... by Marc Deslauriers on 2017-02-03

fix incorrect HTTP Request header comparison

Gbp-Pq: CVE-2016-10003.patch.

6968f91... by Marc Deslauriers on 2017-02-03

fix cookie data leak via If-Not-Modified HTTP conditional

Gbp-Pq: CVE-2016-10002.patch.

7242b94... by Marc Deslauriers on 2017-02-03

fix denial of service via ESI responses

Gbp-Pq: CVE-2016-4555.patch.

b37e3cb... by Marc Deslauriers on 2017-02-03

fix same-origin bypass and cache-poisoning attack via

Gbp-Pq: CVE-2016-4554.patch.

8afd11c... by Marc Deslauriers on 2017-02-03

fix cache-poisoning attacks via an HTTP request with an absolute-URI

Gbp-Pq: CVE-2016-4553.patch.

5aefc48... by Marc Deslauriers on 2017-02-03

fix denial of service or arbitrary code execution via

Gbp-Pq: CVE-2016-4052.patch.

1dd2c6e... by Marc Deslauriers on 2017-02-03

fix denial of service and possible code execution via

Gbp-Pq: CVE-2016-4051.patch.

89e973c... by Marc Deslauriers on 2017-02-03

fix denial of service via pinger and ICMPv6 packet

Gbp-Pq: CVE-2016-3947.patch.

080f897... by Marc Deslauriers on 2017-02-03

99-ubuntu-ssl-cert-snakeoil.patch

No DEP3 Subject or Description header found

Gbp-Pq: 99-ubuntu-ssl-cert-snakeoil.patch.