Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
package/squid: security bump to version 4.15
Fixes the following security issues: - CVE-2021-28651: Denial of Service in URN processing Due to a buffer management bug Squid is vulnerable to a Denial of service attack against the server it is operating on. This attack is limited to proxies which attempt to resolve a "urn:" resource identifier. Support for this resolving is enabled by default in all Squid. GHSA-ch36-9jhx-phm4 - CVE-2021-28652: Denial of Service issue in Cache Manager Due to an incorrect parser validation bug Squid is vulnerable to a Denial of Service attack against the Cache Manager API. GHSA-m47m-9hvw-7447 - CVE-2021-28662: Denial of Service in HTTP Response Processing Due to an input validation bug Squid is vulnerable to a Denial of Service against all clients using the proxy. GHSA-jjq6-mh2h-g39h - CVE-2021-31806, CVE-2021-31807, CVE-2021-31808: Multiple Issues in HTTP Range header Due to an incorrect input validation bug Squid is vulnerable to a Denial of Service attack against all clients using the proxy. GHSA-pxwq-f3qr-w2xf - CVE-2021-33620: Denial of Service in HTTP Response processing Due to an input validation bug Squid is vulnerable to a Denial of Service against all clients using the proxy. GHSA-572g-rvwr-6c7f Signed-off-by: Peter Korsgaard <[email protected]> (cherry picked from commit d94c42b) Signed-off-by: Peter Korsgaard <[email protected]>
- Loading branch information
