projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f3221f1) | patch
package/squid: security bump to version 4.8
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Tue, 20 Aug 2019 20:16:45 +0000 (22:16 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 21 Aug 2019 06:29:23 +0000 (08:29 +0200)
commit7792c4f1bc8ec0827d07dc75f60668b2ec81a785
tree16b28d13d8ebe545e96eb7529f10b3db4047edectree
parentf3221f1abf146ce730fbd0cc7d6ef0e5424da074commit | diff
package/squid: security bump to version 4.8

- Add a patch to fix cross-compilation
- Fix the following CVEs:
  - SQUID-2019:6 (CVE-2019-13345), Jul 12, 2019
    Fixed from 4.8
    Multiple Cross-Site Scripting issues in cachemgr.cgi
  - SQUID-2019:5 (CVE-2019-12527), Jul 12, 2019
    Fixed from 4.8
    Heap Overflow issue in HTTP Basic Authentication processing
  - SQUID-2019:3 (CVE-2019-12525), Jul 12, 2019
    Fixed from 4.8
    Denial of Service in HTTP Digest Authentication processing
  - SQUID-2019:2 (CVE-2019-12529), Jul 12, 2019
    Fixed from 4.8
    Denial of Service in HTTP Basic Authentication processing
  - SQUID-2019:1 (CVE-2019-12824), Jul 12, 2019
    Fixed from 4.8
    Denial of Service issue in cachemgr.cgi

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/squid/0001-acinclude-os-deps.m4-fix-cross-compilation.patch [new file with mode: 0644] blob
package/squid/squid.hash diff | blob | history
package/squid/squid.mk diff | blob | history