[ubuntu/artful-security] squid3 3.5.23-5ubuntu1.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Feb 5 17:45:20 UTC 2018


squid3 (3.5.23-5ubuntu1.1) artful-security; urgency=medium

  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

Date: 2018-02-01 16:18:13.535063+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/squid3/3.5.23-5ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Artful-changes mailing list