-
squid3 (3.1.14-1ubuntu0.3) oneiric-security; urgency=low
* SECURITY UPDATE: denial of service via cachemgr.cgi insufficient input
validation
- debian/patches/98-CVE-2012-5643.dpatch: modify cachemgr.cc to properly
free memory and handle input in chunks
- Based on
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2012_1.patch
- CVE-2012-5643
- CVE-2013-0189
-- Seth Arnold <email address hidden> Wed, 30 Jan 2013 10:45:17 -0800
-
squid3 (3.1.14-1ubuntu0.2) oneiric-proposed; urgency=low
* Add 16-skip-read-if-closed.dpatch: Check if connection is still open
and bail out if not before attempting to read more data. Fixes crash
in squid proxy with message, assertion failed: comm.cc:349:
"!fd_table[fd].closing()". Patch is a cherrypick of an upstream
patch to fix Squid Bug 3131.
(LP: #955883)
-- Bryce Harrington <email address hidden> Thu, 22 Mar 2012 16:09:42 -0700
-
squid3 (3.1.14-1ubuntu0.1) oneiric-security; urgency=low
* SECURITY UPDATE: Fix DoS (memory corruption and daemon restart) or possibly
have unspecified other impact via a long line in a response by remote
Gopher servers. (LP: #907687)
- debian/patches/CVE-2011-3205.dpatch: patch derived from upstream.
- CVE-2011-3205
* SECURITY UPDATE: Fix DoS (daemon abort) via DNS reply containing a CNAME
record that references another CNAME record that contains an empty A record.
- debian/patches/CVE-2011-4096.dpatch
- CVE-2011-4096
-- Mahyuddin Susanto <email address hidden> Thu, 22 Dec 2011 21:51:38 +0700
-
squid3 (3.1.14-1) unstable; urgency=low
* New upstream release - Fixes FTBFS with GCC 4.6 (Closes: #625405) - Fixes issue with IPv4/IPv6 DNS resolution (Closes: #604566) - Fixes issue with IPv6 resolution in access.log (Closes: #604832) * debian/control - Bumped Standard-Version to 3.9.2, no change needed * debian/squid.rc - Fixed init script preventing alterate cache dir from being created (Closes: #623935) -- Luigi Gangitano <email address hidden> Sat, 09 Jul 2011 17:58:46 +0200
-
squid3 (3.1.12-1) unstable; urgency=low
* New upstream release
- Removed patch integrated upstream
+ 18-gcc-4.5-fix
- Rebuild against libdb5.1 (Closes: #621453)
* debian/control
- Remove article at start of synopsis, to make lintian happy
-- Ubuntu Archive Auto-Sync <email address hidden> Sat, 30 Apr 2011 13:48:18 +0000
-
squid3 (3.1.11-1) unstable; urgency=low
* New upstream release
* debian/patches/18-gcc-4.5-fix
- Added upstream fix for gcc 4.5 building (Closes: #613153)
-- Mahyuddin Susanto <email address hidden> Tue, 15 Feb 2011 01:46:19 +0100