d94c42b93e
Fixes the following security issues: - CVE-2021-28651: Denial of Service in URN processing Due to a buffer management bug Squid is vulnerable to a Denial of service attack against the server it is operating on. This attack is limited to proxies which attempt to resolve a "urn:" resource identifier. Support for this resolving is enabled by default in all Squid. https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4 - CVE-2021-28652: Denial of Service issue in Cache Manager Due to an incorrect parser validation bug Squid is vulnerable to a Denial of Service attack against the Cache Manager API. https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447 - CVE-2021-28662: Denial of Service in HTTP Response Processing Due to an input validation bug Squid is vulnerable to a Denial of Service against all clients using the proxy. https://github.com/squid-cache/squid/security/advisories/GHSA-jjq6-mh2h-g39h - CVE-2021-31806, CVE-2021-31807, CVE-2021-31808: Multiple Issues in HTTP Range header Due to an incorrect input validation bug Squid is vulnerable to a Denial of Service attack against all clients using the proxy. https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf - CVE-2021-33620: Denial of Service in HTTP Response processing Due to an input validation bug Squid is vulnerable to a Denial of Service against all clients using the proxy. https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| S97squid | ||
| squid.hash | ||
| squid.mk | ||