[Buildroot] [PATCH 1/1] package/squid: security bump to version 4.8

Peter Korsgaard peter at korsgaard.com
Wed Aug 21 06:43:30 UTC 2019


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > - Add a patch to fix cross-compilation
 > - Fix the following CVEs:
 >   - SQUID-2019:6 (CVE-2019-13345), Jul 12, 2019
 >     Fixed from 4.8
 >     Multiple Cross-Site Scripting issues in cachemgr.cgi
 >   - SQUID-2019:5 (CVE-2019-12527), Jul 12, 2019
 >     Fixed from 4.8
 >     Heap Overflow issue in HTTP Basic Authentication processing
 >   - SQUID-2019:3 (CVE-2019-12525), Jul 12, 2019
 >     Fixed from 4.8
 >     Denial of Service in HTTP Digest Authentication processing
 >   - SQUID-2019:2 (CVE-2019-12529), Jul 12, 2019
 >     Fixed from 4.8
 >     Denial of Service in HTTP Basic Authentication processing
 >   - SQUID-2019:1 (CVE-2019-12824), Jul 12, 2019
 >     Fixed from 4.8
 >     Denial of Service issue in cachemgr.cgi

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list