[ubuntu/noble-updates] squid 6.10-0ubuntu0.24.04.1 (Accepted)
Brian Murray
brian at ubuntu.com
Thu Jan 9 20:59:29 UTC 2025
squid (6.10-0ubuntu0.24.04.1) noble; urgency=medium
* New upstream version 6.10 (LP: #2073322):
- Fix issue where successful tunnels were being logged as TCP_TUNNEL/500.
- Fix a logic error when starting squid with the -a option, which could
lead to a crash.
- Fix marking of problematic cached IP addresses.
- For a comprehensive list of changes, please see
https://www.squid-cache.org/Versions/v6/squid-6.10-RELEASENOTES.html.
* d/u/signing-key.asc: update keyring file. (Closes: #1084734)
* Dropped changes:
- SECURITY UPDATE: DoS via chunked decoder uncontrolled recursion bug
+ debian/patches/CVE-2024-25111.patch: fix infinite recursion in
src/http.cc, src/http.h.
+ CVE-2024-25111
[ Fixed in 6.8 ]
- SECURITY UPDATE: DoS in ESI processing using multi-byte characters
+ debian/patches/CVE-2024-37894.patch: fix variable datatype to handle
variables names outside standard ASCII characters
+ CVE-2024-37894
[ Fixed in 6.10 ]
Date: 2024-10-09 15:24:10.320500+00:00
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Signed-By: Brian Murray <brian at ubuntu.com>
https://launchpad.net/ubuntu/+source/squid/6.10-0ubuntu0.24.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list