ubuntu/+source/squid3:ubuntu/wily-updates

Last commit made on 2016-06-09
Get this branch:
git clone -b ubuntu/wily-updates https://git.launchpad.net/ubuntu/+source/squid3
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/wily-updates
Repository:
lp:ubuntu/+source/squid3

Recent commits

095fc43... by Marc Deslauriers on 2016-06-07

Import patches-unapplied version 3.3.8-1ubuntu16.3 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 25ec24265cb2d0676e2459dcfe77a76f2c58125e

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, added tests to
      src/tests/Stub.list, src/tests/stub_cbdata.cc, src/tests/stub_mem.cc,
      tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.
  * debian/patches/02-makefile-defaults.patch: also patch src/Makefile.am.

25ec242... by Marc Deslauriers on 2016-03-04

Import patches-unapplied version 3.3.8-1ubuntu16.2 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: cd542a2f651b756836dc0c8a6d396771035301a7

New changelog entries:
  [ Scott Moser ]
  * debian/patches/increase-default-forward-max-tries.patch:
    change the default setting of 'forward_max_tries' from 10
    to 25. (LP: #1547640)
  [ Marc Deslauriers ]
  * SECURITY UPDATE: denial of service via crafted UDP SNMP request
    - debian/patches/CVE-2014-6270.patch: fix off-by-one in
      src/snmp_core.cc.
    - CVE-2014-6270
  * SECURITY UPDATE: error handling vulnerability
    - debian/patches/CVE-2016-2571.patch: better handling of huge response
      headers in src/http.cc.
    - CVE-2016-2571
  * Fix security issues that only apply when package is rebuilt with the
    enable-ssl flag, which is not the case in the Ubuntu archive.
    - debian/patches/CVE-2014-0128.patch: denial of service via a crafted
      range request.
    - debian/patches/CVE-2015-3455.patch: incorrect X509 server certificate
      domain matching.

cd542a2... by Steve Langasek on 2015-10-09

Import patches-unapplied version 3.3.8-1ubuntu16 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 3a22b0c4d55691c969c224a022c1dd230c944cbf

New changelog entries:
  [ Tiago Stürmer Daitx ]
  * d/patches/fix-logical-not-parentheses-warning.patch: Fix warning for
    logical-not-parentheses which caused squid to FTBFS. (LP: #1496924)
  * d/patches/netfilter_fix.patch: Backported from Squid Bug #4323.
    (LP: #1496223)
  * d/patches/fix-pod2name-pipe-failure.patch: Add --name parameter to
    pod2man (LP: #1501566)
  * roll back build-dependency to libecap2-dev, this version of squid3 is not
    compatible with libecap3 and libecap3 transition has been rolled back for
    wily.

3a22b0c... by Matthias Klose on 2015-09-02

Import patches-unapplied version 3.3.8-1ubuntu15 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 19f5f40cf4e6ec9d0b3e88519e0107e6171fa131

New changelog entries:
  * Build-depend on libecap3-dev instead of libecap2-dev.

19f5f40... by Serge Hallyn on 2015-04-02

Import patches-unapplied version 3.3.8-1ubuntu14 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 3ed2827fb5d707c44e8d86011235e82937793df5

New changelog entries:
  * Add versioned dependency on init-system-helpers (>> 1.22ubuntu5) to ensure
    we have the apparmor-profile-load script at boot time. (LP: #1432683)

3ed2827... by Oleg Strikov on 2015-03-05

Import patches-unapplied version 3.3.8-1ubuntu13 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 1b0df5aba42a5b25e54f85943556f93743bca90c

New changelog entries:
  * d/squid3.prerm: Removed redundant upstart-only code. Equivalent
    operations are carried out by debhelper-generated code in a more
    generic manner. (LP: #1424508)

1b0df5a... by Martin Pitt on 2015-03-06

Import patches-unapplied version 3.3.8-1ubuntu12 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 1b4a692b31b40c874ac46b1f18f4a08b1822f55e

New changelog entries:
  * debian/tests/testlib_httpd.py: Use "service" command instead of upstart
    specific ones, and simplify the logic.
  * debian/tests/testlib.py, check_exe(): Check /proc/pid/exe symlink instead
    of parsing cmdline; the latter has "(squid-1)" with the init.d script, and
    it's not really what we are interested in.

1b4a692... by Oleg Strikov on 2015-03-04

Import patches-unapplied version 3.3.8-1ubuntu11 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: aad9a4bfb29fbd496d7f4f2b530fb9cd587707a5

New changelog entries:
  * d/patches/fix-caching-vary-header.patch: Added upstream patch
    for the bug which prevented squid from caching responses with
    Vary header. (LP: #1336742)

aad9a4b... by Oleg Strikov on 2015-03-03

Import patches-unapplied version 3.3.8-1ubuntu10 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 749879d3e90de68d2529dba3b3d6dabaad3ac8d6

New changelog entries:
  [Jacek Nykis]
  * d/usr.sbin.squid3: Apparmor profile has been changed to allow child
    processes to run execvp(argv[0], [kidname, ...]). (LP: #1416039)

749879d... by Jorge Niedbalski on 2014-11-18

Import patches-unapplied version 3.3.8-1ubuntu9 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 85eb775cb7e84d4051e8ad42eb8f3b72d54e14d3

New changelog entries:
  * Fix various ICMP handling issues in Squid pinger. (LP: #1384943)