[ubuntu/questing-security] squid 6.13-1ubuntu4.1 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Tue Oct 28 19:02:50 UTC 2025
squid (6.13-1ubuntu4.1) questing-security; urgency=medium
* SECURITY UPDATE: HTTP Authentication credential leak
- debian/patches/CVE-2025-62168.patch: Add maskSensitiveInfo parameter to
pack and pass it to packInto in src/HttpRequest.cc. Add maskSensitiveInfo
to pack in src/HttpRequest.h. Adapt code with new parameter in
src/client_side_reply.cc, and src/errorpage.cc. Remove request_hdr NULL
assign in src/errorpage.h.
- CVE-2025-62168
Date: 2025-10-23 16:19:15.298135+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/squid/6.13-1ubuntu4.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list