Search squid archive

Missing security announcements

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



How did Red Hat and Debian know about 
    https://github.com/squid-cache/squid/security/advisories/GHSA-394c-rr7q-6g78
before the squid-announce mailing list?  It's not even listed at 
    https://github.com/apptainer/apptainer/security
even though there is another one from the same day.

Dave

On Wed, Sep 21, 2022 at 11:43:41PM +1200, Amos Jeffries wrote:
> Subject: Re:  Missing squid 5.6 & 5.7 announcements
> On 21/09/22 10:33, Dave Dykstra wrote:
> > I tried sending this directly to Amos twice over the last week or so but
> > it bounced each time.
> > 
> > I noticed that 5.7 is on the website since 5 September, but I have not
> > see a release announcement for that or for 5.6 from June.
> 
> 
> Mea culpa sorry. I am a bit behind on security paperwork needed for those.
> 
> 
> >  I would like
> > to know if it is considered to be in a stable enough state that all
> > squid 4 users are encouraged to upgrade, or not.  The release notes
> > don't tell me that.
> 
> Basically yes we are back at "encourage to upgrade".
> 
> To be specific:
>  * The initial big troubles were resolved in 5.5.
>  * We have two reports of Delay Pools having weird behaviours, but that is
> shared with v4.
> 
>  * WCCP regression (YMMV) in latest security patches has not fully been
> resolved in the official code. Experimental patches are available if
> necessary.
> 
> 
> HTH
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users@xxxxxxxxxxxxxxxxxxxxx
> http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux