Request 715608: Submit squid - openSUSE Build Service

This request is superseded by request 715745 (Show diff)

Overview

Request 715608 superseded

- Update to squid 4.8:
+ Ignore ECONNABORTED in accept(2)
+ RFC 7230 forbids generation of userinfo subcomponent of https URL
+ cachemgr.cgi: unallocated memory access resulting in a potential
denial of service. (bsc#1141442, CVE-2019-12854)
+ terminating c-strings beyond BASE64_DECODE_LENGTH
+ Replace uudecode with libnettle base64 decoder fixing a denial
of service vulnerability (bsc#1141329, CVE-2019-12529)
+ fix to_localhost does not include ::
+ Fix GCC-9 build issues
+ Fix Digest auth parameter parsing preventing a potential
denial of service (bsc#1141332, CVE-2019-12525)
+ Update HttpHeader::getAuth to SBuf which prevents a potential
heap overflowing allowing a possible remote code execution
attack when processing HTTP Authentication credentials
(bsc#1141330, CVE-2019-12527)
+ Add the NO_TLSv1_3 option to available tls-options values
+ Fix handling of tiny invalid responses
+ Fix Memory leak when http_reply_access uses external_acl
+ Fix Multiple XSS issues in cachemgr.cgi
(bsc#1140738, CVE-2019-13345)
- disable LTO to as a workaround to tests failing

Created by adamm over 5 years ago
In state superseded
Superseded by 715745
Open review for licensedigger
Open review for openSUSE:Factory:Staging:adi:41

Submit squid

Comments for request 715608 0

Login required, please login in order to comment

Request History

adamm created request over 5 years ago

- Update to squid 4.8:
+ Ignore ECONNABORTED in accept(2)
+ RFC 7230 forbids generation of userinfo subcomponent of https URL
+ cachemgr.cgi: unallocated memory access resulting in a potential
denial of service. (bsc#1141442, CVE-2019-12854)
+ terminating c-strings beyond BASE64_DECODE_LENGTH
+ Replace uudecode with libnettle base64 decoder fixing a denial
of service vulnerability (bsc#1141329, CVE-2019-12529)
+ fix to_localhost does not include ::
+ Fix GCC-9 build issues
+ Fix Digest auth parameter parsing preventing a potential
denial of service (bsc#1141332, CVE-2019-12525)
+ Update HttpHeader::getAuth to SBuf which prevents a potential
heap overflowing allowing a possible remote code execution
attack when processing HTTP Authentication credentials
(bsc#1141330, CVE-2019-12527)
+ Add the NO_TLSv1_3 option to available tls-options values
+ Fix handling of tiny invalid responses
+ Fix Memory leak when http_reply_access uses external_acl
+ Fix Multiple XSS issues in cachemgr.cgi
(bsc#1140738, CVE-2019-13345)
- disable LTO to as a workaround to tests failing

factory-auto added opensuse-review-team as a reviewer over 5 years ago

Please review sources

factory-auto accepted review over 5 years ago

Check script succeeded

namtrac accepted review over 5 years ago

staging-bot added openSUSE:Factory:Staging:adi:41 as a reviewer over 5 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:41"

staging-bot accepted review over 5 years ago

Picked openSUSE:Factory:Staging:adi:41

adamm superseded request over 5 years ago

superseded by 715745

openSUSE Build Service is sponsored by