package/squid: security bump to version 4.8 (7792c4f1) · Commits · Arm Reference Solutions / buildroot

Commit 7792c4f1 authored Aug 20, 2019 by Fabrice Fontaine Committed by Peter Korsgaard Aug 21, 2019

package/squid: security bump to version 4.8



- Add a patch to fix cross-compilation
- Fix the following CVEs:
  - SQUID-2019:6 (CVE-2019-13345), Jul 12, 2019
    Fixed from 4.8
    Multiple Cross-Site Scripting issues in cachemgr.cgi
  - SQUID-2019:5 (CVE-2019-12527), Jul 12, 2019
    Fixed from 4.8
    Heap Overflow issue in HTTP Basic Authentication processing
  - SQUID-2019:3 (CVE-2019-12525), Jul 12, 2019
    Fixed from 4.8
    Denial of Service in HTTP Digest Authentication processing
  - SQUID-2019:2 (CVE-2019-12529), Jul 12, 2019
    Fixed from 4.8
    Denial of Service in HTTP Basic Authentication processing
  - SQUID-2019:1 (CVE-2019-12824), Jul 12, 2019
    Fixed from 4.8
    Denial of Service issue in cachemgr.cgi

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

parent f3221f1a

Hide whitespace changes

Inline Side-by-side

Please register or to comment