Univention Bugzilla – Full Text Bug Listing |
Summary: | squid3: Multiple issues (4.2) | ||
---|---|---|---|
Product: | UCS | Reporter: | Philipp Hahn <hahn> |
Component: | Security updates | Assignee: | Philipp Hahn <hahn> |
Status: | CLOSED FIXED | QA Contact: | Arvid Requate <requate> |
Severity: | normal | ||
Priority: | P3 | CC: | requate |
Version: | UCS 4.2 | ||
Target Milestone: | UCS 4.2-3-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 7.4 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H) |
Description
Philipp Hahn
2018-02-25 17:06:07 CET
r18027 | Bug #46392: squid3_3.4.8-6+deb8u5 Drop patch as it only was a work-around for the old tool chain - the patch no longer applies as debian/patches/series no longer matches. Package: squid3 Version: 3.4.8-6+deb8u5A~4.2.3.201802251653 Branch: ucs_4.2-0 Scope: errata4.2-3 ec32abc5cb Bug #46392: squid3_3.4.8-6+deb8u5 YAML --- mirror/ftp/4.2/unmaintained/4.2-0/source/squid3_3.4.8-6+deb8u4A~4.2.0.201704011633.dsc +++ apt/ucs_4.2-0-errata4.2-3/source/squid3_3.4.8-6+deb8u5A~4.2.3.201802251653.dsc @@ -1,10 +1,17 @@ -3.4.8-6+deb8u4A~4.2.0.201704011633 [Sat, 01 Apr 2017 16:33:23 +0200] Univention builddaemon <buildd@univention.de>: +3.4.8-6+deb8u5A~4.2.3.201802251653 [Sun, 25 Feb 2018 17:07:39 +0100] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package - 000-fails-to-build-on-dimma 001-enable-ssl 003-posinst-config-change 005-squid-4-14311 + +3.4.8-6+deb8u5 [Sun, 18 Feb 2018 17:20:03 +0100] Salvatore Bonaccorso <carnil@debian.org>: + + * Non-maintainer upload by the Security Team. + * ESI: make sure endofName never exceeds tagEnd (CVE-2018-1000024) + (Closes: #888719) + * Fix indirect IP logging for transactions without a client connection + (CVE-2018-1000027) (Closes: #888720) 3.4.8-6+deb8u4 [Sun, 18 Dec 2016 11:47:19 +0100] Salvatore Bonaccorso <carnil@debian.org>: * Obsolete UCS patch dropped: squid3/4.2-0-0-ucs/3.4.8-6+deb8u4/000-fails-to-build-on-dimma.patch * All other UCS specific patches applied during rebuilt * Comparison to previously shipped version ok * Binary package installation Ok * Advisory Ok |