Package: squid3 / 3.1.20-2.2+deb7u4

Metadata

Package: squid3
Version: 3.1.20-2.2+deb7u4
Patches format: 3.0 (quilt)

Patch series

Patch File delta Description
01 cf.data.debian.patch

src/cf.data.pre | 35 19 + 16 - 0 !
1 file changed, 19 insertions(+), 16 deletions(-)

 default configuration file for Debian

02 makefile defaults.patch

src/Makefile.in | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 change default file locations for Debian

15 cachemgr default config.patch

tools/Makefile.am | 3 2 + 1 - 0 !
tools/Makefile.in | 3 2 + 1 - 0 !
2 files changed, 4 insertions(+), 2 deletions(-)

 fix path for cachemgr.cgi default configuration file

20 ipv6 fix

src/ip/IpAddress.cc | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
30 CVE 2012 5643 CVE 2013 0189.patch

tools/cachemgr.cc | 73 54 + 19 - 0 !
1 file changed, 54 insertions(+), 19 deletions(-)

 cachemgr.cgi: memory leaks and DoS vulnerability
 * Ignore invalid Content-Length headers.
 * Limit received POST requests to 4KB and discard the rest.
 * Authentication credentials parser also leaks badly.

fix 701123 regression in cachemgr.patch

tools/cachemgr.cc | 8 2 + 6 - 0 !
1 file changed, 2 insertions(+), 6 deletions(-)

 fix regression in cachemgr.cgi
 Fix regression introduced by the patches for CVE-2012-5643 and
 CVE-2013-0189. Apply further patch provided by upstream.

fix 712754 assertion failure commHandleRead.patch

src/comm.cc | 4 3 + 1 - 0 !
1 file changed, 3 insertions(+), 1 deletion(-)

 fix assertion failure in commHandleRead

CVE 2014 3609.patch

src/HttpHdrRange.cc | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 ignore range headers with unidentifiable byte-range values
 If Squid is unable to determine the byte value for ranges, treat the
 header as invalid.

CVE 2015 5400.patch

src/tunnel.cc | 242 232 + 10 - 0 !
1 file changed, 232 insertions(+), 10 deletions(-)

 do not blindly forward cache peer connect responses

CVE 2016 2571.patch

src/http.cc | 3 1 + 2 - 0 !
1 file changed, 1 insertion(+), 2 deletions(-)

---