git.libre-soc.org Git - buildroot.git/commit

author	Fabrice Fontaine <fontaine.fabrice@gmail.com>
	Fri, 28 Feb 2020 23:18:00 +0000 (00:18 +0100)
committer	Peter Korsgaard <peter@korsgaard.com>
	Sat, 29 Feb 2020 07:36:30 +0000 (08:36 +0100)
commit	df1d834420b7af4624331ae7fbe174ad9a84875f
tree	72adaa8587dd4634e8d008cbcf9d0fb82a261d40	tree
parent	141ec698123d0c9c9b793d39d947060f001aab55	commit \| diff

package/squid: security bump to version 4.10

Drop patch (already in version)
Update indentation of hash file (two spaces)

Fix the following issues:
- CVE-2020-8517: Buffer Overflow issue in ext_lm_group_acl helper.
- CVE-2019-12528: Information Disclosure issue in FTP Gateway.
- CVE-2020-8449, CVE-2020-8450: Improper Input Validation issues in
   HTTP Request processing.
- CVE-2019-18679: Information Disclosure issue in HTTP Digest
   Authentication.
- CVE-2019-18678: HTTP Request Splitting issue in HTTP message
   processing.
- CVE-2019-18677: Cross-Site Request Forgery issue in HTTP Request
   processing.
- CVE-2019-12523, CVE-2019-18676: Multiple issues in URI processing.
- CVE-2019-12526: Heap Overflow issue in URN processing.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/squid/0001-acinclude-os-deps.m4-fix-cross-compilation.patch	[deleted file]	blob \| history
package/squid/squid.hash		diff \| blob \| history
package/squid/squid.mk		diff \| blob \| history