[ubuntu/wily-security] squid3 3.3.8-1ubuntu16.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Mar 7 12:51:45 UTC 2016
squid3 (3.3.8-1ubuntu16.2) wily-security; urgency=medium
[ Scott Moser ]
* debian/patches/increase-default-forward-max-tries.patch:
change the default setting of 'forward_max_tries' from 10
to 25. (LP: #1547640)
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via crafted UDP SNMP request
- debian/patches/CVE-2014-6270.patch: fix off-by-one in
src/snmp_core.cc.
- CVE-2014-6270
* SECURITY UPDATE: error handling vulnerability
- debian/patches/CVE-2016-2571.patch: better handling of huge response
headers in src/http.cc.
- CVE-2016-2571
* Fix security issues that only apply when package is rebuilt with the
enable-ssl flag, which is not the case in the Ubuntu archive.
- debian/patches/CVE-2014-0128.patch: denial of service via a crafted
range request.
- debian/patches/CVE-2015-3455.patch: incorrect X509 server certificate
domain matching.
Date: 2016-03-04 20:42:19.318438+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/squid3/3.3.8-1ubuntu16.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Wily-changes
mailing list