squid 4.8-1ubuntu2.2 source package in Ubuntu

Changelog

squid (4.8-1ubuntu2.2) eoan-security; urgency=medium

  * SECURITY UPDATE: info disclosure via FTP server
    - debian/patches/CVE-2019-12528.patch: fix FTP buffers handling in
      src/clients/FtpGateway.cc.
    - CVE-2019-12528
  * SECURITY UPDATE: incorrect input validation and buffer management
    - debian/patches/CVE-2020-84xx-1.patch: ignore malformed Host header in
      intercept and reverse proxy mode in src/client_side.cc,
      src/http/one/Parser.cc, src/http/one/Parser.h.
    - debian/patches/CVE-2020-84xx-2.patch: fix request URL generation in
      reverse proxy configurations in src/client_side.cc.
    - CVE-2020-8449
    - CVE-2020-8450
  * SECURITY UPDATE: DoS in NTLM authentication
    - debian/patches/CVE-2020-8517.patch: improved username handling in
      src/acl/external/LM_group/ext_lm_group_acl.cc.
    - CVE-2020-8517

 -- Marc Deslauriers <email address hidden>  Wed, 19 Feb 2020 12:47:31 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2020-02-19
Uploaded to:
Eoan
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Eoan updates on 2020-02-20 main web
Eoan security on 2020-02-20 main web

Downloads

File Size SHA-256 Checksum
squid_4.8.orig.tar.gz 4.9 MiB f8b78efc196b84f08f1b2c21eb832dafc170e4be44d5167586a036fde5956870
squid_4.8-1ubuntu2.2.debian.tar.xz 56.6 KiB b10737e914948ab2609fddf1b23d81481e78d010762035a292407cf53de3eb6b
squid_4.8-1ubuntu2.2.dsc 2.7 KiB a0f90ec2381b6ce5afa660e0f3b60281dd45d060836a13721a3f7b572329b74d

Available diffs

View changes file

Binary packages built by this source

squid: Full featured Web Proxy cache (HTTP proxy)

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.

squid-cgi: Full featured Web Proxy cache (HTTP proxy) - control CGI

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.
 .
 This package contains a CGI program that can be used to query and administrate
 a `squid' proxy cache through a web browser.

squid-cgi-dbgsym: debug symbols for squid-cgi
squid-common: Full featured Web Proxy cache (HTTP proxy) - common files

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.
 .
 This package contains common files (MIB and icons)

squid-dbgsym: debug symbols for squid
squid-purge: Full featured Web Proxy cache (HTTP proxy) - cache management utility

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.
 .
 This package contains a small utility that can be used to manage the disk cache
 from the command line.

squid-purge-dbgsym: debug symbols for squid-purge
squid3: Transitional package

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.
 .
 This is a transitional package used to migrate from squid3 to squid.

squidclient: Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message utility

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.
 .
 This package contains a small utility that can be used to get URLs from the
 command line.

squidclient-dbgsym: debug symbols for squidclient