[ubuntu/trusty-security] squid3 3.3.8-1ubuntu6.11 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Feb 5 17:45:25 UTC 2018
squid3 (3.3.8-1ubuntu6.11) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service in ESI Response processing
- debian/patches/CVE-2018-1000024.patch: make sure endofName never
exceeds tagEnd in src/esi/CustomParser.cc.
- CVE-2018-1000024
* SECURITY UPDATE: denial of service in in HTTP Message processing
- debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
transactions without a client connection in
src/client_side_request.cc.
- CVE-2018-1000027
squid3 (3.3.8-1ubuntu6.10) trusty; urgency=medium
* debian/patches/fix-assertion-ftp-put-empty-file.patch: Fix ftp
assertion error when uploading empty file. Thanks to Alex Rousskov
<rousskov at measurement-factory.com>. Closes LP: #1423498.
Date: 2018-02-01 16:07:17.344099+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/squid3/3.3.8-1ubuntu6.11
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list