-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Mar 2024 20:52:04 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: arm64
Version: 4.13-10+deb11u3
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-01)
Changed-By: Markus Koschany
Description:
 squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (4.13-10+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-49285,
     CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP request
     parsing, remote attackers may be able to execute a denial of service attack
     by sending a large X-Forwarded-For header or trigger a stack buffer overflow
     while performing HTTP Digest authentication. Other issues facilitate
     request smuggling past a firewall or a denial of service against Squid's
     Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We recommend
     rejecting all Gopher URL requests instead.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----