Bugs fixes in "squid3"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2020-11945 | An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that ar | 2020-05-13 |
| CVE | CVE-2019-18860 | Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi. | 2020-05-13 |
| CVE | CVE-2019-12521 | An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for ho | 2020-05-13 |
| CVE | CVE-2019-12519 | An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function | 2020-05-13 |
| CVE | CVE-2020-11945 | An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that ar | 2020-05-13 |
| CVE | CVE-2019-18860 | Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi. | 2020-05-13 |
| CVE | CVE-2019-12521 | An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for ho | 2020-05-13 |
| CVE | CVE-2019-12519 | An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function | 2020-05-13 |
| CVE | CVE-2020-11945 | An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that ar | 2020-05-13 |
| CVE | CVE-2019-18860 | Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi. | 2020-05-13 |
| CVE | CVE-2019-12521 | An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for ho | 2020-05-13 |
| CVE | CVE-2019-12519 | An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function | 2020-05-13 |
| CVE | CVE-2020-8517 | An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may w | 2020-02-20 |
| CVE | CVE-2020-8450 | An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance act | 2020-02-20 |
| CVE | CVE-2020-8449 | An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access | 2020-02-20 |
| CVE | CVE-2019-12528 | An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as | 2020-02-20 |
| CVE | CVE-2020-8517 | An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may w | 2020-02-20 |
| CVE | CVE-2020-8450 | An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance act | 2020-02-20 |
| CVE | CVE-2020-8449 | An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access | 2020-02-20 |
| CVE | CVE-2019-12528 | An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as | 2020-02-20 |
About
-
Send Feedback to @ubuntu_updates
