ubuntu/+source/squid3:ubuntu/precise-devel

Last commit made on 2017-02-06
Get this branch:
git clone -b ubuntu/precise-devel https://git.launchpad.net/ubuntu/+source/squid3
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name:
ubuntu/precise-devel
Repository:
lp:ubuntu/+source/squid3

Recent commits

b36f536... by Marc Deslauriers on 2017-02-06

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.8 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: aa61d8c138ae433c186ee380281d1fa5c08b82c5

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/client_side_reply.cc,
      src/client_side_reply.h.
    - CVE-2016-10002

aa61d8c... by Marc Deslauriers on 2016-06-08

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 9fed18744dffc484e9aa048f009818fcd5a8c3bb

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, src/tests/stub_mem.cc,
      tools/Makefile.am, src/tests/STUB.h, src/squid.h.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.
  * debian/patches/02-makefile-defaults.patch: also patch src/Makefile.am.

9fed187... by Marc Deslauriers on 2016-03-04

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.6 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 4cb34c41fa04d83df4930f4d9de19e15af506db5

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted UDP SNMP request
    - debian/patches/CVE-2014-6270.patch: fix off-by-one in
      src/snmp_core.cc.
    - CVE-2014-6270
  * SECURITY UPDATE: error handling vulnerability
    - debian/patches/CVE-2016-2571.patch: better handling of huge response
      headers in src/http.cc.
    - CVE-2016-2571
  * Fix security issue that only applies when package is rebuilt with the
    enable-ssl flag, which is not the case in the Ubuntu archive.
    - debian/patches/CVE-2014-0128.patch: denial of service via a crafted
      range request.
  * debian/patches/increase-default-forward-max-tries.patch:
    change the default setting of 'forward_max_tries' from 10
    to 25. (LP: #1547640)

4cb34c4... by Tiago Stürmer Daitx on 2015-10-14

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.4 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 28d29473fbaeb13777952a302e8254b4172cfb8b

New changelog entries:
  * d/squid3.upstart: Use SIGINT to terminate squid and wait at most 40
    seconds for it to finish. (LP: #1073478)

28d2947... by Jamie Strandboge on 2014-08-26

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 9ebc5fedebe7deb6125e5e1fe9b1cfd95c9d7c0e

New changelog entries:
  * SECURITY UPDATE: Ignore Range headers with unidentifiable byte-range
    values
    - debian/patches/CVE-2014-3609.patch: adjust src/HttpHdrRange.cc to
      return an error if unable to determine the byte value for ranges
    - CVE-2014-3609

9ebc5fe... by Seth Arnold on 2013-01-29

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.2 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: d42bb0b96e17163241313a74d43be2565bfb8370

New changelog entries:
  * SECURITY UPDATE: denial of service via cachemgr.cgi insufficient input
    validation
    - debian/patches/98-CVE-2012-5643.patch: modify cachemgr.cc to properly
      free memory and handle input in chunks
    - Based on
      http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2012_1.patch
    - CVE-2012-5643
    - CVE-2013-0189

d42bb0b... by Clint Byrum on 2012-06-19

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.1 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 28af3403809bc4d589c2fd60b709fbdfb5a557f4

New changelog entries:
  * d/squid3.upstart: Work around squid not handling SIGHUP by
    adding respawn to upstart job. (LP: #978356)

28af340... by Steve Beattie on 2012-04-20

Import patches-unapplied version 3.1.19-1ubuntu3 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 4ebc05a0c302afca9501fd8a2867b19016e993cb

New changelog entries:
  * debian/rules: re-enable all hardening options lost in the
    squid->squid3 transition (LP: #986314)
  * debian/squid3.upstart: move ulimit command to script section
    so that it applies to the started squid daemon. Thanks to Timur
    Irmatov (LP: #986159)

4ebc05a... by Adam Gandelman on 2012-04-12

Import patches-unapplied version 3.1.19-1ubuntu2 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 934e22cbd5bdcfa2702f23a28a28c4af8a3c3017

New changelog entries:
  * debian/NEWS.Debian: Rename NEWS.debian, add note regarding squid3
    transition in 12.04 (LP: #924739)

934e22c... by Chris Halse Rogers on 2012-02-21

Import patches-unapplied version 3.1.19-1ubuntu1 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 6dbb3da0291934e23f9ae5a09229b7a5f46440f1

New changelog entries:
  * Merge from Debian testing. Remaining changes:
    + debian/control:
      - Update maintainer.
    + debian/squid3.upstart, debian/rules, squid3.resolvconf,
      debian/squid3.postinst, debian/squid3.postrm, debian/squid3.preinst,
      debian/squid3.prerm: Convert init script to upstart
    + debian/control, debian/patches/99-ubuntu-ssl-cert-snakeoil: Use
      snakeoil certificates.
    + debian/logrotate: Use sar-reports rather than sarg-maint. (LP: 26616)
    + debian/patches/90-cf.data.ubuntu.dpatch: Add an example refresh pattern
      for debs. (foundations-lucid-local-report spec)
    + Add transitional dummy packages
  * New upstream bugfix release fixes swap.state corruption, so squid will
    now start after a reboot. (LP: #930252)