squid3 3.3.8-1ubuntu16.3 source package in Ubuntu
Changelog
squid3 (3.3.8-1ubuntu16.3) wily-security; urgency=medium
* SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
- debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
- CVE-2016-3947
* SECURITY UPDATE: denial of service and possible code execution via
seeding manager reporter with crafted data
- debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
content generation in tools/cachemgr.cc, added tests to
src/tests/Stub.list, src/tests/stub_cbdata.cc, src/tests/stub_mem.cc,
tools/Makefile.am.
- CVE-2016-4051
* SECURITY UPDATE: denial of service or arbitrary code execution via
crafted ESI responses
- debian/patches/CVE-2016-4052.patch: perform bounds checking and
remove asserts in src/esi/Esi.cc.
- CVE-2016-4052
- CVE-2016-4053
- CVE-2016-4054
* SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
absolute-URI
- debian/patches/CVE-2016-4553.patch: properly handle condition in
src/client_side.cc
- CVE-2016-4553
* SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
crafted HTTP host header
- debian/patches/CVE-2016-4554.patch: properly handle whitespace in
src/mime_header.cc.
- CVE-2016-4554
* SECURITY UPDATE: denial of service via ESI responses
- debian/patches/CVE-2016-4555.patch: fix segfaults in
src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
- CVE-2016-4555
- CVE-2016-4556
* debian/rules: include autoreconf.mk.
* debian/control: add dh-autoreconf to BuildDepends.
* debian/patches/02-makefile-defaults.patch: also patch src/Makefile.am.
-- Marc Deslauriers <email address hidden> Tue, 07 Jun 2016 10:02:11 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Wily
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| squid3_3.3.8.orig.tar.bz2 | 2.9 MiB | 6411f344510e780f9e579851151278e1d02d8fe06a56abb1d97b1c53c61326a1 |
| squid3_3.3.8-1ubuntu16.3.debian.tar.xz | 56.7 KiB | 492a6ed404e991d3d42a2aa1fb019a52c4999e0ca34ee8f71fdbf42fdfbca8ab |
| squid3_3.3.8-1ubuntu16.3.dsc | 2.4 KiB | 8acc93aef8b0a1f39350d50bd15302f69d8dc82cb108af3249876f0450fa3397 |
Available diffs
Binary packages built by this source
- squid: No summary available for squid in ubuntu wily.
No description available for squid in ubuntu wily.
- squid-cgi: No summary available for squid-cgi in ubuntu wily.
No description available for squid-cgi in ubuntu wily.
- squid-cgi-dbgsym: No summary available for squid-cgi-dbgsym in ubuntu wily.
No description available for squid-cgi-dbgsym in ubuntu wily.
- squid-dbgsym: No summary available for squid-dbgsym in ubuntu wily.
No description available for squid-dbgsym in ubuntu wily.
- squid-purge: No summary available for squid-purge in ubuntu wily.
No description available for squid-purge in ubuntu wily.
- squid-purge-dbgsym: No summary available for squid-purge-dbgsym in ubuntu wily.
No description available for squid-purge-dbgsym in ubuntu wily.
- squid3: No summary available for squid3 in ubuntu wily.
No description available for squid3 in ubuntu wily.
- squid3-common: No summary available for squid3-common in ubuntu wily.
No description available for squid3-common in ubuntu wily.
- squid3-dbg: No summary available for squid3-dbg in ubuntu wily.
No description available for squid3-dbg in ubuntu wily.
- squid3-dbgsym: No summary available for squid3-dbgsym in ubuntu wily.
No description available for squid3-dbgsym in ubuntu wily.
- squidclient: No summary available for squidclient in ubuntu wily.
No description available for squidclient in ubuntu wily.
- squidclient-dbgsym: No summary available for squidclient-dbgsym in ubuntu wily.
No description available for squidclient-dbgsym in ubuntu wily.
