]> rtime.felk.cvut.cz Git - coffee/buildroot.git/commit
projects / coffee / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 001b834) | patch
squid: add upstream post-3.5.27 security patches
authorPeter Korsgaard <peter@korsgaard.com>
Mon, 22 Jan 2018 19:54:17 +0000 (20:54 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Tue, 23 Jan 2018 07:30:15 +0000 (08:30 +0100)
commit6f481c83b96c76d59a420e5f6559c02cb5d329d3
tree40da605a8c28da08b73d05050f10dcd897f7c406tree | snapshot
parent001b834aacef82a6205f5b319037d42d0fdb13cdcommit | diff
squid: add upstream post-3.5.27 security patches

Fixes the following security issues:

SQUID-2018:1 Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses.

http://www.squid-cache.org/Advisories/SQUID-2018_1.txt

SQUID-2018:2  Due to incorrect pointer handling Squid is vulnerable to
denial of service attack when processing ESI responses or downloading
intermediate CA certificates.

http://www.squid-cache.org/Advisories/SQUID-2018_2.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/squid/0003-ESI-make-sure-endofName-never-exceeds-tagEnd-130.patch [new file with mode: 0644] blob
package/squid/0004-Fix-indirect-IP-logging-for-transactions-without-a-c.patch [new file with mode: 0644] blob