71ac106bb3
Fixes the following security issues: CVE-2020-15810: HTTP(S) Request Smuggling Due to incorrect data validation Squid is vulnerable to HTTP Request Smuggling attacks against HTTP and HTTPS traffic. This leads to cache poisoning. https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m CVE-2020-15811: HTTP(S) Request Splitting Due to incorrect data validation Squid is vulnerable to HTTP Request Splitting attacks against HTTP and HTTPS traffic. This leads to cache poisoning. https://github.com/squid-cache/squid/security/advisories/GHSA-c7p8-xqhm-49wv CVE-2020-24606: Denial of Service processing Cache Digest Response Due to Improper Input Validation Squid is vulnerable to a Denial of Service attack against the machine operating Squid. https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| S97squid | ||
| squid.hash | ||
| squid.mk | ||