Univention Bugzilla – Bug 55271
squid: Multiple issues (5.0)
Last modified: 2022-10-20 13:41:17 CEST
New Debian squid 4.6-1+deb10u8A~5.0.2.202210170847 fixes: This update addresses the following issues: * exposure of sensitive information in cache manager (CVE-2022-41317) * buffer-over-read in SSPI and SMB authentication (CVE-2022-41318)
--- mirror/ftp/pool/main/s/squid/squid_4.6-1+deb10u7A~5.0.1.202206281116.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/squid_4.6-1+deb10u8A~5.0.2.202210170847.dsc @@ -1,8 +1,16 @@ -4.6-1+deb10u7A~5.0.1.202206281116 [Tue, 28 Jun 2022 11:17:31 +0200] Univention builddaemon <buildd@univention.de>: +4.6-1+deb10u8A~5.0.2.202210170847 [Mon, 17 Oct 2022 08:51:59 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 001-enable-ssl 005-squid-4-14311 + +4.6-1+deb10u8 [Wed, 12 Oct 2022 15:56:25 +0530] Abhijith PA <abhijith@debian.org>: + + * Non-maintainer upload by the Debian LTS Team. + * Fix CVE-2022-41317: Exposure of Sensitive Information in Cache + Manager + * Fix CVE-2022-41318: Buffer Over Read in SSPI and SMB + Authentication 4.6-1+deb10u7 [Sun, 26 Jun 2022 09:46:03 +0200] Santiago Garcia Mantinan <manty@debian.org>: <http://piuparts.knut.univention.de/5.0-2/#5953715270399910649>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-2] adf78d1e4f Bug #55271: squid 4.6-1+deb10u8A~5.0.2.202210170847 doc/errata/staging/squid.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x465>