Comment 2 for bug 2041837

gberche (guillaume-berche) wrote :

Thanks Athos for your prompt answer!

> I suppose that the CVEs for the mentioned vulnerabilities were not released yet, is this right?
>
> I could find no October 2023 entries in https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=squid

Yes, the reporter provides additional background on the official CVE reporting in
https://www.openwall.com/lists/oss-security/2023/10/11/3
> Although some of the issues have been fixed, the majority (35) remain
> valid. The majority have not been assigned CVEs, and no patches or
> workarounds are available.
>
> After two and a half years of waiting, I have decided to release the issues
> publicly. The Squid Project is aware of this release.

> I am including tasks for the squid deb package as well since it seems to be affected.
Would you have a pointer to the task tracking the squid deb package updates?

> I suppose there is no need for this to be private since the vulnerabilities have been disclosed upstream, but I will leave this to someone in the security team to assess.

+1 for making it public, sorry if I misqualified