squid3 (3.3.8-1ubuntu6.11) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service in ESI Response processing
- debian/patches/CVE-2018-1000024.patch: make sure endofName never
exceeds tagEnd in src/esi/CustomParser.cc.
- CVE-2018-1000024
* SECURITY UPDATE: denial of service in in HTTP Message processing
- debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
transactions without a client connection in
src/client_side_request.cc.
- CVE-2018-1000027
squid3 (3.3.8-1ubuntu6.10) trusty; urgency=medium
* debian/patches/fix-assertion-ftp-put-empty-file.patch: Fix ftp
assertion error when uploading empty file. Thanks to Alex Rousskov
<[email protected]>. Closes LP: #1423498.
Date: 2018-02-01 16:07:17.344099+00:00
Changed-By: Marc Deslauriers <[email protected]>
https://launchpad.net/ubuntu/+source/squid3/3.3.8-1ubuntu6.11
Sorry, changesfile not available.
--
Trusty-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
