[ubuntu/precise-updates] squid3 3.1.19-1ubuntu3.12.04.6 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Mar 7 13:28:18 UTC 2016
squid3 (3.1.19-1ubuntu3.12.04.6) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted UDP SNMP request
- debian/patches/CVE-2014-6270.patch: fix off-by-one in
src/snmp_core.cc.
- CVE-2014-6270
* SECURITY UPDATE: error handling vulnerability
- debian/patches/CVE-2016-2571.patch: better handling of huge response
headers in src/http.cc.
- CVE-2016-2571
* Fix security issue that only applies when package is rebuilt with the
enable-ssl flag, which is not the case in the Ubuntu archive.
- debian/patches/CVE-2014-0128.patch: denial of service via a crafted
range request.
* debian/patches/increase-default-forward-max-tries.patch:
change the default setting of 'forward_max_tries' from 10
to 25. (LP: #1547640)
Date: 2016-03-04 20:19:15.021051+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/squid3/3.1.19-1ubuntu3.12.04.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list