On Wed, 2015-07-22 at 23:02 +0200, Luigi Gangitano wrote: > Hi Ben, > > Thanks for the heads up on LTS security issues in squid3. > > We’ve already prepared an update for CVE-2015-5400 for jessie and are > willing to contribute an update for squeeze to. The link you sent me > is not working so I’m unable to check if other security issues are > open and co-ordinate a single package update. Sorry, I think this was the issue covered by <http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13849.patch>. That was removed from the tracker by <http://anonscm.debian.org/viewvc/secure-testing?view=revision&revision=35535> as it doesn't actually affect the Debian package. Ben. -- Ben Hutchings - Debian developer, member of Linux kernel and LTS teams
Attachment:
signature.asc
Description: This is a digitally signed message part