[Buildroot] [PATCH 1/1] package/squid: security bump to version 4.10
Peter Korsgaard
peter at korsgaard.com
Sat Feb 29 07:38:55 UTC 2020
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> Drop patch (already in version)
> Update indentation of hash file (two spaces)
> Fix the following issues:
> - CVE-2020-8517: Buffer Overflow issue in ext_lm_group_acl helper.
> - CVE-2019-12528: Information Disclosure issue in FTP Gateway.
> - CVE-2020-8449, CVE-2020-8450: Improper Input Validation issues in
> HTTP Request processing.
> - CVE-2019-18679: Information Disclosure issue in HTTP Digest
> Authentication.
> - CVE-2019-18678: HTTP Request Splitting issue in HTTP message
> processing.
> - CVE-2019-18677: Cross-Site Request Forgery issue in HTTP Request
> processing.
> - CVE-2019-12523, CVE-2019-18676: Multiple issues in URI processing.
> - CVE-2019-12526: Heap Overflow issue in URN processing.
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list