squid 4.10-1ubuntu1.10 source package in Ubuntu
Changelog
squid (4.10-1ubuntu1.10) focal-security; urgency=medium * SECURITY UPDATE: DoS via Cache Manager error responses - debian/patches/CVE-2024-23638.patch: just close after a write(2) response sending error in src/servers/Server.cc. - CVE-2024-23638 * SECURITY UPDATE: DoS in HTTP header parsing - debian/patches/CVE-2024-25617.patch: improve handling of expanding HTTP header values in src/SquidString.h, src/cache_cf.cc, src/cf.data.pre, src/http.cc. - CVE-2024-25617 * SECURITY UPDATE: DoS via chunked decoder uncontrolled recursion bug - debian/patches/CVE-2024-25111.patch: fix infinite recursion in src/SquidMath.h, src/http.cc, src/http.h. - debian/rules: build with -std=c++17. - CVE-2024-25111 * SECURITY UPDATE: DoS via Improper Handling of Structural Elements bug - debian/patches/CVE-2023-5824-pre1.patch: break long store_client call chains with async calls. - debian/patches/CVE-2023-5824-pre2.patch: add Assure() as a replacement for problematic Must(). - debian/patches/CVE-2023-5824-pre3.patch: fix compiler errors. - debian/patches/CVE-2023-5824-pre4.patch: overload operator for TextException. - debian/patches/CVE-2023-5824-pre5.patch: add Debug::Extra. - debian/patches/CVE-2023-5824-pre6.patch: supply ALE with HttpReply before checking http_reply_access. - debian/patches/CVE-2023-5824-1.patch: remove serialized HTTP headers from storeClientCopy(). - debian/patches/CVE-2023-5824-2.patch: fix frequent assertion. - debian/patches/CVE-2023-5824-3.patch: remove mem_hdr::freeDataUpto() assertion. - debian/patches/CVE-2023-5824-4.patch: fix Bug 5318. - CVE-2023-5824 -- Marc Deslauriers <email address hidden> Thu, 14 Mar 2024 12:54:48 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
squid_4.10.orig.tar.xz | 2.3 MiB | 98f0100afd8a42ea5f6b81eb98b0e4b36d7a54beab1c73d2f1705ab49b025f1f |
squid_4.10-1ubuntu1.10.debian.tar.xz | 128.1 KiB | 86819ff78020035d9cebae64ba41b79dc5a5c1244d877a160eb4b53a8749d82e |
squid_4.10-1ubuntu1.10.dsc | 2.7 KiB | c05b2a2be96685ff9a736c2c52a11a7a1f344ec494fe5b35af81927a9ee41a52 |
Available diffs
Binary packages built by this source
- squid: Full featured Web Proxy cache (HTTP proxy)
Squid is a high-performance proxy caching server for web clients, supporting
FTP, gopher, ICY and HTTP data objects.
- squid-cgi: Full featured Web Proxy cache (HTTP proxy) - control CGI
Squid is a high-performance proxy caching server for web clients, supporting
FTP, gopher, ICY and HTTP data objects.
.
This package contains a CGI program that can be used to query and administrate
a `squid' proxy cache through a web browser.
- squid-cgi-dbgsym: debug symbols for squid-cgi
- squid-common: Full featured Web Proxy cache (HTTP proxy) - common files
Squid is a high-performance proxy caching server for web clients, supporting
FTP, gopher, ICY and HTTP data objects.
.
This package contains common files (MIB and icons)
- squid-dbgsym: debug symbols for squid
- squid-purge: Full featured Web Proxy cache (HTTP proxy) - cache management utility
Squid is a high-performance proxy caching server for web clients, supporting
FTP, gopher, ICY and HTTP data objects.
.
This package contains a small utility that can be used to manage the disk cache
from the command line.
- squid-purge-dbgsym: debug symbols for squid-purge
- squidclient: Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message utility
Squid is a high-performance proxy caching server for web clients, supporting
FTP, gopher, ICY and HTTP data objects.
.
This package contains a small utility that can be used to get URLs from the
command line.
- squidclient-dbgsym: debug symbols for squidclient