This bug was fixed in the package squid - 4.6-2ubuntu4 --------------- squid (4.6-2ubuntu4) eoan; urgency=medium
* Fix gcc-9 issues (LP: #1835831) - Remove -Wno-sizeof-pointer-memaccess -Wno-stringop-truncation - debian/patches/more-gcc-9-fixes.patch: switch to xstrncpy in lib/smblib/smblib-util.c. * SECURITY UPDATE: incorrect digest auth parameter parsing - debian/patches/CVE-2019-12525.patch: check length in src/auth/digest/Config.cc. - CVE-2019-12525 * SECURITY UPDATE: buffer overflow in basic auth decoding - debian/patches/CVE-2019-12527.patch: switch to SBuf in src/HttpHeader.cc, src/HttpHeader.h, src/cache_manager.cc, src/clients/FtpGateway.cc. - CVE-2019-12527 * SECURITY UPDATE: basic auth uudecode length issue - debian/patches/CVE-2019-12529.patch: replace uudecode with libnettle base64 decoder in lib/Makefile.*, src/auth/basic/Config.cc, include/uudecode.h, lib/uudecode.c. - CVE-2019-12529 * SECURITY UPDATE: XSS issues in cachemgr.cgi - debian/patches/CVE-2019-13345.patch: properly escape values in tools/cachemgr.cc. - CVE-2019-13345 -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Fri, 19 Jul 2019 08:01:58 -0400 ** Changed in: squid (Ubuntu) Status: New => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-12525 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-12527 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-12529 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-13345 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1835831 Title: FTBFS: gcc9 stringop-truncation and others To manage notifications about this bug go to: https://bugs.launchpad.net/squid/+bug/1835831/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs