[ubuntu/trusty-updates] squid3 3.3.8-1ubuntu6.6 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Mar 7 13:28:20 UTC 2016
squid3 (3.3.8-1ubuntu6.6) trusty-security; urgency=medium
[ Scott Moser ]
* debian/patches/increase-default-forward-max-tries.patch:
change the default setting of 'forward_max_tries' from 10
to 25. (LP: #1547640)
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via crafted UDP SNMP request
- debian/patches/CVE-2014-6270.patch: fix off-by-one in
src/snmp_core.cc.
- CVE-2014-6270
* SECURITY UPDATE: error handling vulnerability
- debian/patches/CVE-2016-2571.patch: better handling of huge response
headers in src/http.cc.
- CVE-2016-2571
* Fix security issues that only apply when package is rebuilt with the
enable-ssl flag, which is not the case in the Ubuntu archive.
- debian/patches/CVE-2014-0128.patch: denial of service via a crafted
range request.
- debian/patches/CVE-2015-3455.patch: incorrect X509 server certificate
domain matching.
Date: 2016-03-04 20:42:14.254911+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/squid3/3.3.8-1ubuntu6.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list