UbuntuUpdates.org

Bugs fixes in "squid"

Origin Bug number Title Date fixed
CVE CVE-2020-24606 Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a 2020-08-27
CVE CVE-2020-24606 Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a 2020-08-27
CVE CVE-2020-11945 An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that ar 2020-05-13
CVE CVE-2019-12521 An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for ho 2020-05-13
CVE CVE-2019-12519 An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function 2020-05-13
CVE CVE-2020-11945 An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that ar 2020-05-13
CVE CVE-2019-12521 An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for ho 2020-05-13
CVE CVE-2019-12519 An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function 2020-05-13
CVE CVE-2020-11945 An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that ar 2020-05-13
CVE CVE-2019-12521 An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for ho 2020-05-13
CVE CVE-2019-12519 An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function 2020-05-13
CVE CVE-2020-11945 An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that ar 2020-05-13
CVE CVE-2019-12521 An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for ho 2020-05-13
CVE CVE-2019-12519 An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function 2020-05-13
CVE CVE-2020-8517 An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may w 2020-04-29
CVE CVE-2020-8450 An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance act 2020-04-29
CVE CVE-2020-8449 An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access 2020-04-29
CVE CVE-2019-12528 An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as 2020-04-29
Launchpad 1858827 DEP8 failure: pygopherd was deleted 2020-04-29
Launchpad 1843325 FTBFS with glibc 2.30: sysctl.h is deprecated 2020-04-29



About   -   Send Feedback to @ubuntu_updates