enterprise-support team mailing list archive

[Launchpad Bug Tracker <1547640@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package squid3 - 3.1.19-1ubuntu3.12.04.6

---------------
squid3 (3.1.19-1ubuntu3.12.04.6) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted UDP SNMP request
    - debian/patches/CVE-2014-6270.patch: fix off-by-one in
      src/snmp_core.cc.
    - CVE-2014-6270
  * SECURITY UPDATE: error handling vulnerability
    - debian/patches/CVE-2016-2571.patch: better handling of huge response
      headers in src/http.cc.
    - CVE-2016-2571
  * Fix security issue that only applies when package is rebuilt with the
    enable-ssl flag, which is not the case in the Ubuntu archive.
    - debian/patches/CVE-2014-0128.patch: denial of service via a crafted
      range request.
  * debian/patches/increase-default-forward-max-tries.patch:
    change the default setting of 'forward_max_tries' from 10
    to 25. (LP: #1547640)

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Fri, 04 Mar 2016
14:57:14 -0500

** Changed in: squid3 (Ubuntu Precise)
       Status: Triaged => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0128

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-6270

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2571

** Changed in: squid3 (Ubuntu Wily)
       Status: Triaged => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-3455

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to squid3 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1547640

Title:
  proxy tries ipv6 and gets 503 when no ipv6 routes

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1547640/+subscriptions