Re: [squid-users] CVE-2019-12522

2020-08-11 Thread Amos Jeffries
On 12/08/20 9:24 am, Simon Deziel wrote:
> Hello,
>
> I noticed that CVE-2019-12522 [*] was not yet fixed. I could confirm the
> saved UID is indeed 0 (root) on an Ubuntu 20.04.1 machine (5.4 kernel) so
> I was wondering if a fix was on the way. Thanks
>

We do not have an ETA on this issue. Risk

[squid-users] CVE-2019-12522

2020-08-11 Thread Simon Deziel
Hello,

I noticed that CVE-2019-12522 [*] was not yet fixed. I could confirm the saved UID is indeed 0 (root) on an Ubuntu 20.04.1 machine (5.4 kernel) so I was wondering if a fix was on the way. Thanks

Regards,
Simon

*: https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-1252

Re: [squid-users] WebServer-SRG or Application SRG for Squid?

2020-08-11 Thread Amos Jeffries
On 11/08/20 6:02 pm, Leonard Humphries CW wrote:
> I have a task of STIGing Squid on CentOS7. Does anyone have recommended
> STIG checklists or SRG’s for Squid on CentOS7?

Squid is cross-platform software. So guides for Squid configuration will be platform agnostic. Guides for securing the OS en

Re: [squid-users] WebServer-SRG or Application SRG for Squid?

2020-08-11 Thread Leonard Humphries CW
STIG stands for Secure Technical Implementation Guide. It’s the standard by which the DoD and other government entities measure whether a system, application, etc. is in compliance with their protocols. SRG stands for Security Requirements Guides. They are both ways for implementing security chan

[squid-users] WebServer-SRG or Application SRG for Squid?

2020-08-11 Thread Leonard Humphries CW
I have a task of STIGing Squid on CentOS7. Does anyone have recommended STIG checklists or SRG's for Squid on CentOS7? Also, it is my understanding that if Squid isn't utilizing caching, then it might be better to use the Application SRG instead of the Webserver SRG. Does anyone have any insig

Re: [squid-users] WebServer-SRG or Application SRG for Squid?

2020-08-11 Thread Eliezer Croitor
OK, so.. The protocols 100% require a proper QA for something. Currently, from what I understand, the Squid-Cache project doesn’t take “fast steps” since it’s trying to be RFC compatible. Also, the project has a couple of guidelines about new features, so it’s striving to stay as “Stable” as possible.