[ubuntu/trusty-security] squid3 3.3.8-1ubuntu6.6 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Mar 7 12:51:48 UTC 2016

squid3 (3.3.8-1ubuntu6.6) trusty-security; urgency=medium

  [ Scott Moser ]
  * debian/patches/increase-default-forward-max-tries.patch:
    change the default setting of 'forward_max_tries' from 10
    to 25. (LP: #1547640)

  [ Marc Deslauriers ]
  * SECURITY UPDATE: denial of service via crafted UDP SNMP request
    - debian/patches/CVE-2014-6270.patch: fix off-by-one in
    - CVE-2014-6270
  * SECURITY UPDATE: error handling vulnerability
    - debian/patches/CVE-2016-2571.patch: better handling of huge response
      headers in src/http.cc.
    - CVE-2016-2571
  * Fix security issues that only apply when package is rebuilt with the
    enable-ssl flag, which is not the case in the Ubuntu archive.
    - debian/patches/CVE-2014-0128.patch: denial of service via a crafted
      range request.
    - debian/patches/CVE-2015-3455.patch: incorrect X509 server certificate
      domain matching.

squid3 (3.3.8-1ubuntu6.4) trusty-proposed; urgency=low

  * d/squid3.upstart: Use SIGINT to terminate squid and wait at most 40
    seconds for it to finish. (LP: #1073478)

squid3 (3.3.8-1ubuntu6.3) trusty-proposed; urgency=low

  * d/patches/fix-caching-vary-header.patch: Added upstream patch
    for the bug which prevented squid from caching responses with
    Vary header. (LP: #1336742) Based on work by Oleg Strikov.

Date: 2016-03-04 20:42:14.254911+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list