Request 701549: Submit squid - openSUSE Build Service

Overview

Request 701549 accepted

- Update to squid 4.7: (jsc#SLE-5648)
+ Fix stack-based buffer-overflow when parsing SNMP messages
+ Fixed squidclient authentication
+ Add support for buffer-size= to UDP logging
+ Trust intermediate CAs from trusted stores
+ Bug #4928: Cannot convert non-IPv4 to IPv4
+ Bug #4796: comm.cc !isOpen(conn->fd) assertion when rotating logs
+ Bug #4823: assertion failed: "lowestOffset () <= target_offset"
(bsc#1133089)
+ Bug #4942: --with-filedescriptors does not do anything

- Syncronize bug and CVE references between 3.x and 4.x squid changelog
versions. These bugs were fixed here either without properly referencing
them during the fix or 4.x branch was never affected by them.
(bsc#1090089, CVE-2018-1172, bsc#979008, CVE-2016-4556,
bsc#938715, CVE-2015-5400, bsc#949942, CVE-2014-9749,
bsc#1016169, CVE-2016-10003, bsc#1016168, CVE-2016-10002,
bsc#979011, CVE-2016-4555, bsc#979010, CVE-2016-4554,
bsc#979009, CVE-2016-4553, bsc#976556, CVE-2016-4054,
bsc#976553, CVE-2016-4051, bsc#973783, CVE-2016-3948,
bsc#973782, CVE-2016-3947, bsc#968395, CVE-2016-2572,
bsc#968394, CVE-2016-2571, bsc#968393, CVE-2016-2570,
bsc#968392, CVE-2016-2569, bsc#967011, CVE-2016-2390,
bsc#959290, CVE-2016-4052, CVE-2016-4053)

+ Fix memory leak when parsing SNMP packet
(bsc#1113669, CVE-2018-19132)
before displaying them (bsc#1113668, CVE-2018-19131)

Created by adamm about 5 years ago
In state accepted

Submit squid

Comments for request 701549 0

Login required, please login in order to comment

Request History

adamm created request about 5 years ago

- Update to squid 4.7: (jsc#SLE-5648)
+ Fix stack-based buffer-overflow when parsing SNMP messages
+ Fixed squidclient authentication
+ Add support for buffer-size= to UDP logging
+ Trust intermediate CAs from trusted stores
+ Bug #4928: Cannot convert non-IPv4 to IPv4
+ Bug #4796: comm.cc !isOpen(conn->fd) assertion when rotating logs
+ Bug #4823: assertion failed: "lowestOffset () <= target_offset"
(bsc#1133089)
+ Bug #4942: --with-filedescriptors does not do anything

- Syncronize bug and CVE references between 3.x and 4.x squid changelog
versions. These bugs were fixed here either without properly referencing
them during the fix or 4.x branch was never affected by them.
(bsc#1090089, CVE-2018-1172, bsc#979008, CVE-2016-4556,
bsc#938715, CVE-2015-5400, bsc#949942, CVE-2014-9749,
bsc#1016169, CVE-2016-10003, bsc#1016168, CVE-2016-10002,
bsc#979011, CVE-2016-4555, bsc#979010, CVE-2016-4554,
bsc#979009, CVE-2016-4553, bsc#976556, CVE-2016-4054,
bsc#976553, CVE-2016-4051, bsc#973783, CVE-2016-3948,
bsc#973782, CVE-2016-3947, bsc#968395, CVE-2016-2572,
bsc#968394, CVE-2016-2571, bsc#968393, CVE-2016-2570,
bsc#968392, CVE-2016-2569, bsc#967011, CVE-2016-2390,
bsc#959290, CVE-2016-4052, CVE-2016-4053)

+ Fix memory leak when parsing SNMP packet
(bsc#1113669, CVE-2018-19132)
before displaying them (bsc#1113668, CVE-2018-19131)

licensedigger accepted review about 5 years ago

ok

factory-auto added opensuse-review-team as a reviewer about 5 years ago

Please review sources

factory-auto accepted review about 5 years ago

Check script succeeded

staging-bot added as a reviewer about 5 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:31"

staging-bot accepted review about 5 years ago

Picked openSUSE:Factory:Staging:adi:31

dimstar accepted review about 5 years ago

staging-bot accepted review about 5 years ago

ready to accept

staging-bot approved review about 5 years ago

ready to accept

dimstar_suse accepted request about 5 years ago

Accept to openSUSE:Factory

openSUSE Build Service is sponsored by