On Fri, Jan 22, 2016 at 09:37:52PM +0300, Michael Tokarev wrote:
> 15.01.2016 22:47, startrekfan wrote:
>
> > *squid3 Version 3.4.8* is deployed in the Jessie stable
> > repository.*This version is outdated and has some security risks!!*.
> > Version 3.5 is more secure but unfortunately it's only
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 26 Jan 2016 22:17:54 +1300
Chris Bannister wrote:
>On Fri, Jan 22, 2016 at 09:37:52PM +0300, Michael Tokarev wrote:
>> 15.01.2016 22:47, startrekfan wrote:
>>
>> > *squid3 Version 3.4.8* is deployed in the
15.01.2016 22:47, startrekfan wrote:
> *squid3 Version 3.4.8* is deployed in the Jessie stable repository.*This
> version is outdated and has some security risks!!*. Version 3.5 is more
> secure but unfortunately it's only marked as unstable
I wonder how many times this question should be
Hi,
The link you provided refers to an issue with proxy certificates for SSL
interception. This feature is disabled in Debian squid3 package due to
licensing issues with OpenSSL, thus this is not a bug in Debian squid3 packages.
The only way this bug could affect a Debian user would be if the
I didn't subscribed to the mailing list. So* please put my mail address
into cc*. thanks.
I think I found a security issue that is not fixed in debian squid 3.4.8.
Squid 3.4 seems to use the sha1 algorithm for dynamic certificate
generation. Sha1 is unsafe. This seems to be fixed only in squid
Hi,
startrekfan wrote:
> *squid3 Version 3.4.8* is deployed in the Jessie stable repository.* This
> version is outdated and has some security risks!!*. Version 3.5 is more
> secure but unfortunately it's only marked as unstable
Have you checked
Hello,
I'm not sure which mailing list I should chose. So I'll try my luck here.
I didn't subscribed to the mailing list. So* please put my mail address
into cc*. thanks.
*squid3 Version 3.4.8* is deployed in the Jessie stable repository.* This
version is outdated and has some security
On Fri, 2016-01-15 at 19:47 +, startrekfan wrote:
> Hello,
>
> I'm not sure which mailing list I should chose. So I'll try my luck here.
>
> I didn't subscribed to the mailing list. So* please put my mail address
> into cc*. thanks.
>
> *squid3 Version 3.4.8* is deployed in the Jessie
squid3 3.4.8 has some security issues(risks)/bugs so an upgrade to 3.5 is
actually only a fix of this bugs/security issues. There is no patch for
3.4.8 because it's outdated. Debian Jessie is the current active release.
So why not fixing squid3 in Debian Jessie with an stable 3.5 update?
Ben
Hello startrekfan,
please don't do top posting.
Am 15.01.2016 um 23:19 schrieb startrekfan:
> squid3 3.4.8 has some security issues(risks)/bugs so an upgrade to 3.5 is
> actually only a fix of this bugs/security issues.
Which issues do you refer? What bugs in detail? Have you looked into the
10 matches
Mail list logo