[Bug 1835831] Re: FTBFS: gcc9 stringop-truncation and others

2019-07-19 Thread Launchpad Bug Tracker
This bug was fixed in the package squid - 4.6-2ubuntu4

---
squid (4.6-2ubuntu4) eoan; urgency=medium

  * Fix gcc-9 issues (LP: #1835831)
    - Remove -Wno-sizeof-pointer-memaccess -Wno-stringop-truncation
    - debian/patches/more-gcc-9-fixes.patch: switch to xstrncpy in
      lib/smblib/smblib-util.c.
  * SECURITY UPDATE: incorrect digest auth parameter parsing
    - debian/patches/CVE-2019-12525.patch: check length in
      src/auth/digest/Config.cc.
    - CVE-2019-12525
  * SECURITY UPDATE: buffer overflow in basic auth decoding
    - debian/patches/CVE-2019-12527.patch: switch to SBuf in
      src/HttpHeader.cc, src/HttpHeader.h, src/cache_manager.cc,
      src/clients/FtpGateway.cc.
    - CVE-2019-12527
  * SECURITY UPDATE: basic auth uudecode length issue
    - debian/patches/CVE-2019-12529.patch: replace uudecode with libnettle
      base64 decoder in lib/Makefile.*, src/auth/basic/Config.cc,
      include/uudecode.h, lib/uudecode.c.
    - CVE-2019-12529
  * SECURITY UPDATE: XSS issues in cachemgr.cgi
    - debian/patches/CVE-2019-13345.patch: properly escape values in
      tools/cachemgr.cc.
    - CVE-2019-13345

 -- Marc Deslauriers  Fri, 19 Jul 2019 08:01:58 -0400

** Changed in: squid (Ubuntu)
   Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-12525

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-12527

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-12529

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-13345

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835831

Title:
  FTBFS: gcc9 stringop-truncation and others

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/1835831/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1835831] Re: FTBFS: gcc9 stringop-truncation and others

2019-07-15 Thread Gianfranco Costamagna via ubuntu-bugs
I uploaded a workaround, and the gcc-9 upstream patch
http://launchpadlibrarian.net/433155919/squid_4.6-2ubuntu1_4.6-2ubuntu3.diff.gz
and an export of "-Wno-sizeof-pointer-memaccess -Wno-stringop-truncation" flags.

It shouldn't make things worse, because the bugs are already there, but at 
least I unblocked something else, while upstream takes care of them.
(I also pinged the person who did the gcc-9 fixes, asking him to help)
