deepcrayon/buildroot
deepcrayon/buildroot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
buildroot/package/squid/squid.hash
Peter Korsgaard 71ac106bb3 package/squid: security bump to version 4.13 
Fixes the following security issues:

CVE-2020-15810: HTTP(S) Request Smuggling
Due to incorrect data validation Squid is vulnerable to HTTP Request
Smuggling attacks against HTTP and HTTPS traffic.  This leads to cache
poisoning.
https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m

CVE-2020-15811: HTTP(S) Request Splitting
Due to incorrect data validation Squid is vulnerable to HTTP Request
Splitting attacks against HTTP and HTTPS traffic.  This leads to cache
poisoning.
https://github.com/squid-cache/squid/security/advisories/GHSA-c7p8-xqhm-49wv

CVE-2020-24606: Denial of Service processing Cache Digest Response
Due to Improper Input Validation Squid is vulnerable to a Denial of Service
attack against the machine operating Squid.
https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-08-29 12:03:45 +02:00

7 lines
386 B
Plaintext
Raw Blame History

# From http://www.squid-cache.org/Versions/v4/squid-4.13.tar.xz.asc
md5 492e54afc15821141ff1d1d9903854d6 squid-4.13.tar.xz
sha1 cac95c18789e9ecd6620c2f278fc3900498c065b squid-4.13.tar.xz
# Locally calculated
sha256 6891a0f540e60779b4f24f1802a302f813c6f473ec7336a474ed68c3e2e53ee0 squid-4.13.tar.xz
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
Reference in a new issue View git blame Copy permalink