[Buildroot] [PATCH 1/1] package/squid: security bump to version 4.10

Peter Korsgaard peter at korsgaard.com
Sat Feb 29 07:38:55 UTC 2020


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > Drop patch (already in version)
 > Update indentation of hash file (two spaces)

 > Fix the following issues:
 >  - CVE-2020-8517: Buffer Overflow issue in ext_lm_group_acl helper.
 >  - CVE-2019-12528: Information Disclosure issue in FTP Gateway.
 >  - CVE-2020-8449, CVE-2020-8450: Improper Input Validation issues in
 >    HTTP Request processing.
 >  - CVE-2019-18679: Information Disclosure issue in HTTP Digest
 >    Authentication.
 >  - CVE-2019-18678: HTTP Request Splitting issue in HTTP message
 >    processing.
 >  - CVE-2019-18677: Cross-Site Request Forgery issue in HTTP Request
 >    processing.
 >  - CVE-2019-12523, CVE-2019-18676: Multiple issues in URI processing.
 >  - CVE-2019-12526: Heap Overflow issue in URN processing.

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list