GNU bug report logs

#47142 squid package vulnerable to CVE-2021-28116

PackageSource(s)Maintainer(s)
guix PTS Buildd Popcon
Full log

Message #19 received at 47142-done@debbugs.gnu.org (full text, mbox, reply):

Received: (at 47142-done) by debbugs.gnu.org; 23 Mar 2022 03:06:09 +0000
From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 22 23:06:09 2022
Received: from localhost ([127.0.0.1]:42334 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1nWrK2-0001W6-9l
	for submit@debbugs.gnu.org; Tue, 22 Mar 2022 23:06:09 -0400
Received: from mail-qt1-f178.google.com ([209.85.160.178]:38669)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1nWrJx-0001Va-Cc
 for 47142-done@debbugs.gnu.org; Tue, 22 Mar 2022 23:06:04 -0400
Received: by mail-qt1-f178.google.com with SMTP id v2so216678qtc.5
 for <47142-done@debbugs.gnu.org>; Tue, 22 Mar 2022 20:06:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
 h=from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version:content-transfer-encoding;
 bh=EhOCHhBi11HxYXqIAIspD61aI/90HgcVynBfWH0DxoU=;
 b=ZVS5CBgptco+2lwx5qAde/FKgRH25Qf243fSVoeSX4Tm5sOecBwE2ZVlcrgN3I4qbr
 QdAP2JuobBlhv8+wXQwA21NMbDAJNcKXr6w2koLlGeAbr9kQoOBIc6kYuEMBStNsJ3ZA
 BMBurZPBfAjRL9IKbobhAT11rUVhMqIr0LQvb4Gqv2E4yZTp0ufZOOV6qL0ldXUER9LI
 +p6VnwBkU0dhepthQnqOuobyRC01X7glY23ZKkGiyaU0O8KEudsugWyAvZURnTe1T+EA
 Fs9cLUzPlLfE7sKkyifUqegSJKOTlnfB5XTwpObHG6ONrcx+YDKdyBlEXrJy571kC+SN
 418g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to
 :message-id:user-agent:mime-version:content-transfer-encoding;
 bh=EhOCHhBi11HxYXqIAIspD61aI/90HgcVynBfWH0DxoU=;
 b=pQAlGUMhO9U25C/5pleT5DP73BTBpljG22hgKNlTrhylgv3QKaFmkkWIl1RhRrLQA5
 4fxCge8PR+aCFo+RA1xT67cSCGolK7ysrhTK+G5M7mXVhoHCDrVwHRh8xNvrhFtxfa+x
 GEqcgnbj6Da17eiG2+RZ70xbPOYV1pWZmLRwEM84wLU0wkz/a2fjM5fxIBX3FxuKgHuD
 MlrwHJnkHUlAcCoI/Z+OOWWxiKNf5c/Nj/F2EPIMeKl4CsmMLbiX/ZcoilzAP+r5ea1k
 7CCJ19OWptQxauiNgmddWklWpB58jWIF9adQrP9JMj1P40X14KYg0dqNXDP9PiD5uRo6
 Lfdg==
X-Gm-Message-State: AOAM533CM1nPfWdmAnsXAO3y8nKum11841+29OYIHQV5Ke2CIiwAQHLz
 nV2qo7GCMxhb+sskBoNshKLjrYAG0q0=
X-Google-Smtp-Source: ABdhPJxywAYud9a9gY3Io6rHV1cdkP0eqN/kvJjQlljdAiwEClyqWZzX2p4CefahiU8NGyZp1+0LPA==
X-Received: by 2002:a05:622a:1184:b0:2e1:ec97:11bc with SMTP id
 m4-20020a05622a118400b002e1ec9711bcmr21833313qtk.221.1648004755994; 
 Tue, 22 Mar 2022 20:05:55 -0700 (PDT)
Received: from hurd (dsl-10-129-199.b2b2c.ca. [72.10.129.199])
 by smtp.gmail.com with ESMTPSA id
 m3-20020a05622a118300b002e1beed4908sm15577502qtk.3.2022.03.22.20.05.55
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 22 Mar 2022 20:05:55 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Mark H Weaver <mhw@netris.org>
Subject: Re: bug#47142: squid package vulnerable to CVE-2021-28116
References: <bc19eecdf5b924f0681c0fba22ffeb500540d988.camel@zaclys.net>
 <87czw1s9km.fsf@netris.org>
Date: Tue, 22 Mar 2022 23:05:54 -0400
In-Reply-To: <87czw1s9km.fsf@netris.org> (Mark H. Weaver's message of "Sun, 14
 Mar 2021 17:34:38 -0400")
Message-ID: <87ils5z7u5.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 47142-done
Cc: Léo Le Bouter <lle-bout@zaclys.net>,
 47142-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hello,

Mark H Weaver <mhw@netris.org> writes:

> I'm forwarding this to bug-guix@gnu.org so that it won't be forgotten.
>
>       Mark
>
> -------------------- Start of forwarded message --------------------
> Subject: squid package vulnerable to CVE-2021-28116
> From: Léo Le Bouter <lle-bout@zaclys.net>
> To: guix-devel@gnu.org
> Date: Wed, 10 Mar 2021 01:22:51 +0100
>
> CVE-2021-28116	09.03.21 23:15
> Squid through 4.14 and 5.x through 5.0.5, in some configurations,

We're now using squid 4.17.

Closing.

Thanks,

Maxim

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Sun Dec 22 02:02:08 2024; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.