squid

pool/squid

SHA256

Fork 1

Commit Graph

Author	SHA256	Message	Date
Adam Majer	8b38ddcc65	- Update to squid 4.11: * Fix incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (CVE-2019-12519, CVE-2019-12521, bsc#1169659) * Fixes possible information disclosure when translating FTP server listings into HTTP responses. (CVE-2019-12528, bsc#1162689) * Fixes possible denial of service caused by incorrect buffer management ext_lm_group_acl when processing NTLM Authentication credentials. (CVE-2020-8517, bsc#1162691) * Fixes a potential remote execution vulnerability when using HTTP Digest Authentication (CVE-2020-11945, bsc#1170313) * Fixes problem when reconfigure killed Coordinator in SMP+ufs configurations (#556) OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=210	2020-04-23 13:47:01 +00:00

Author

SHA256

Message

Date

Adam Majer

8b38ddcc65

- Update to squid 4.11:

* Fix incorrect buffer handling that can result in cache
    poisoning, remote execution, and denial of service attacks when
    processing ESI responses
    (CVE-2019-12519, CVE-2019-12521, bsc#1169659)
  * Fixes possible information disclosure when translating
    FTP server listings into HTTP responses.
    (CVE-2019-12528, bsc#1162689)
  * Fixes possible denial of service caused by incorrect buffer
    management ext_lm_group_acl when processing NTLM Authentication
    credentials. (CVE-2020-8517, bsc#1162691)
  * Fixes a potential remote execution vulnerability when using
    HTTP Digest Authentication (CVE-2020-11945, bsc#1170313)
  * Fixes problem when reconfigure killed Coordinator in
    SMP+ufs configurations (#556)

OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=210

2020-04-23 13:47:01 +00:00

1 Commits