[Bug 1473691] Re: squid: Update to latest upstream release (3.5)
Seth Arnold
1473691 at bugs.launchpad.net
Fri Feb 5 03:12:00 UTC 2016
e-Vent, we rated this issue "low" because:
- snmp is not enabled by default
- squid's snmp listener can listen on specific interfaces
- local iptables / ufw rules probably already allow only specific services on the hosts that run squid
- network firewalls / routers probably already allow only specific services on the networks that run squid
In general allowing untrusted access to SNMP is not a good idea
regardless if this is fixed.
We have limited resources and we have to prioritize the work we do
accordingly. If you have the time and inclination to prepare and test a
patch for this issue, we'd be happy to sponsor updates. See
https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation for more details.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1473691
Title:
squid: Update to latest upstream release (3.5)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1473691/+subscriptions
More information about the Ubuntu-server-bugs
mailing list