d94c42b93e
Fixes the following security issues: - CVE-2021-28651: Denial of Service in URN processing Due to a buffer management bug Squid is vulnerable to a Denial of service attack against the server it is operating on. This attack is limited to proxies which attempt to resolve a "urn:" resource identifier. Support for this resolving is enabled by default in all Squid. https://github.com/squid-cache/squid/security/advisories/GHSA-ch36-9jhx-phm4 - CVE-2021-28652: Denial of Service issue in Cache Manager Due to an incorrect parser validation bug Squid is vulnerable to a Denial of Service attack against the Cache Manager API. https://github.com/squid-cache/squid/security/advisories/GHSA-m47m-9hvw-7447 - CVE-2021-28662: Denial of Service in HTTP Response Processing Due to an input validation bug Squid is vulnerable to a Denial of Service against all clients using the proxy. https://github.com/squid-cache/squid/security/advisories/GHSA-jjq6-mh2h-g39h - CVE-2021-31806, CVE-2021-31807, CVE-2021-31808: Multiple Issues in HTTP Range header Due to an incorrect input validation bug Squid is vulnerable to a Denial of Service attack against all clients using the proxy. https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf - CVE-2021-33620: Denial of Service in HTTP Response processing Due to an input validation bug Squid is vulnerable to a Denial of Service against all clients using the proxy. https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| arch | ||
| board | ||
| boot | ||
| configs | ||
| docs | ||
| fs | ||
| linux | ||
| package | ||
| support | ||
| system | ||
| toolchain | ||
| utils | ||
| .defconfig | ||
| .flake8 | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| CHANGES | ||
| Config.in | ||
| Config.in.legacy | ||
| COPYING | ||
| DEVELOPERS | ||
| Makefile | ||
| Makefile.legacy | ||
| README | ||
Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation. The documentation can be found in docs/manual. You can generate a text document with 'make manual-text' and read output/docs/manual/manual.text. Online documentation can be found at http://buildroot.org/docs.html To build and use the buildroot stuff, do the following: 1) run 'make menuconfig' 2) select the target architecture and the packages you wish to compile 3) run 'make' 4) wait while it compiles 5) find the kernel, bootloader, root filesystem, etc. in output/images You do not need to be root to build or run buildroot. Have fun! Buildroot comes with a basic configuration for a number of boards. Run 'make list-defconfigs' to view the list of provided configurations. Please feed suggestions, bug reports, insults, and bribes back to the buildroot mailing list: buildroot@buildroot.org You can also find us on #buildroot on OFTC IRC. If you would like to contribute patches, please read https://buildroot.org/manual.html#submitting-patches