[squid-users] [squid-announce] [ADVISORY] SQUID-2019:4 Multiple Issues in HTTP Request processing

Antony Stone Antony.Stone at squid.open.source.it
Sun Apr 19 09:53:21 UTC 2020


On Sunday 19 April 2020 at 11:47:41, Dmitry Melekhov wrote:

> 19.04.2020 12:37, Amos Jeffries пишет:
> > On 19/04/20 8:22 pm, Dmitry Melekhov wrote:
> >
> > > 4.10 does not contain fix :-)
> > 
> > Which fix are you talking about?
> > 
> > The bug this advisory is talking about definitely is fixed in Squid
> > 4.10 code. The patch was added way back in 4.8 release.
> 
> Affected versions:  Squid 3.5.18 -> 3.5.28
>                      Squid 4.0.10 -> 4.7

You omitted the next line:

Fixed in version:   Squid 4.8

> Well, this announcement is extremely misleading then...

What's misleading?

It's a standard security advisory telling us what the vulnerability is, which 
versions are affected, and which version it is fixed from.


Regards,


Antony.

-- 
BASIC is to computer languages what Roman numerals are to arithmetic.

                                                   Please reply to the list;
                                                         please *don't* CC me.


More information about the squid-users mailing list