[ubuntu/focal-proposed] squid 4.9-2ubuntu4 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Feb 19 19:21:14 UTC 2020


squid (4.9-2ubuntu4) focal; urgency=medium

  * SECURITY UPDATE: info disclosure via FTP server
    - debian/patches/CVE-2019-12528.patch: fix FTP buffers handling in
      src/clients/FtpGateway.cc.
    - CVE-2019-12528
  * SECURITY UPDATE: incorrect input validation and buffer management
    - debian/patches/CVE-2020-84xx.patch: fix request URL generation in
      reverse proxy configurations in src/client_side.cc.
    - CVE-2020-8449
    - CVE-2020-8450
  * SECURITY UPDATE: DoS in NTLM authentication
    - debian/patches/CVE-2020-8517.patch: improved username handling in
      src/acl/external/LM_group/ext_lm_group_acl.cc.
    - CVE-2020-8517

Date: Wed, 19 Feb 2020 12:43:05 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/squid/4.9-2ubuntu4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 19 Feb 2020 12:43:05 -0500
Source: squid
Architecture: source
Version: 4.9-2ubuntu4
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 squid (4.9-2ubuntu4) focal; urgency=medium
 .
   * SECURITY UPDATE: info disclosure via FTP server
     - debian/patches/CVE-2019-12528.patch: fix FTP buffers handling in
       src/clients/FtpGateway.cc.
     - CVE-2019-12528
   * SECURITY UPDATE: incorrect input validation and buffer management
     - debian/patches/CVE-2020-84xx.patch: fix request URL generation in
       reverse proxy configurations in src/client_side.cc.
     - CVE-2020-8449
     - CVE-2020-8450
   * SECURITY UPDATE: DoS in NTLM authentication
     - debian/patches/CVE-2020-8517.patch: improved username handling in
       src/acl/external/LM_group/ext_lm_group_acl.cc.
     - CVE-2020-8517
Checksums-Sha1:
 96482d431cdaa7fc120ddade55a10d17f38580e1 2768 squid_4.9-2ubuntu4.dsc
 d4edc818d43c72484ceb766649c91aa5d85d23ed 46552 squid_4.9-2ubuntu4.debian.tar.xz
 7355d39b2ca3fab6affdd85d28f8a578baf793b0 9714 squid_4.9-2ubuntu4_source.buildinfo
Checksums-Sha256:
 2ca73664e13873ad019d7ae2b42cad2907fe132b4ff3f9a82595eeb9358ce60d 2768 squid_4.9-2ubuntu4.dsc
 1ef212384951f6f3571d168cd1cc3e378dad7558b35a12dd5b25351103cfc5da 46552 squid_4.9-2ubuntu4.debian.tar.xz
 f7947e7c994231a9ad6c74580db85a6933df2489e21afd832bdbb3d5cae53640 9714 squid_4.9-2ubuntu4_source.buildinfo
Files:
 71f7c5b1df7e4c3239cff93eef781ed2 2768 web optional squid_4.9-2ubuntu4.dsc
 0d205de9cddfd387a55cd90751de3688 46552 web optional squid_4.9-2ubuntu4.debian.tar.xz
 b1daa7c973bbd06adea8028eef254a9d 9714 web optional squid_4.9-2ubuntu4_source.buildinfo
Original-Maintainer: Luigi Gangitano <luigi at debian.org>

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

