-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 07 Mar 2024 20:52:04 +0100 Source: squid Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym Architecture: ppc64el Version: 4.13-10+deb11u3 Distribution: bullseye-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) Changed-By: Markus Koschany Description: squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour) squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util Changes: squid (4.13-10+deb11u3) bullseye-security; urgency=high . * Non-maintainer upload. * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847 CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25617. * Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management. In regard to CVE-2023-46728: Please note that support for the Gopher protocol has simply been removed in future Squid versions. There are no plans by the upstream developers of Squid to fix this issue. We recommend to reject all Gopher URL requests instead. Checksums-Sha1: cfe422167c2cd9af4d7c769656b1d91760347ed6 160376 squid-cgi-dbgsym_4.13-10+deb11u3_ppc64el.deb 4f05db6db3e95e0436e0ac9731fa07decf36fcd9 172396 squid-cgi_4.13-10+deb11u3_ppc64el.deb 23c81f6f9e92a5556c0272555025f22462606180 19025988 squid-dbgsym_4.13-10+deb11u3_ppc64el.deb 8e1c6fa7b9a1d77f1120a681eca4dc83be2476d9 21095288 squid-openssl-dbgsym_4.13-10+deb11u3_ppc64el.deb d50eb64c7829a91da8ab03ac7cae8f50c4e3a23c 2712688 squid-openssl_4.13-10+deb11u3_ppc64el.deb 1465beb911e098910862b96db969c159f6ba33ed 78052 squid-purge-dbgsym_4.13-10+deb11u3_ppc64el.deb 1b74d0730f4fe3f69fccb80394a86099d87d680e 161100 squid-purge_4.13-10+deb11u3_ppc64el.deb 2ea458ea0cc7ec1ebbb6cd81be937398fdafa005 10956 squid_4.13-10+deb11u3_ppc64el-buildd.buildinfo 8cf2c6922fa6dda922e0f8523343949cfc9ba7e3 2558056 squid_4.13-10+deb11u3_ppc64el.deb 2815631a0905aaf64c300a2c9f7872f85bb2bcd2 192700 squidclient-dbgsym_4.13-10+deb11u3_ppc64el.deb 58170f9a1c4d0048bf3303e6e3a25ba6d03e6cd6 172460 squidclient_4.13-10+deb11u3_ppc64el.deb Checksums-Sha256: ebdfe137055b7c82af74a9bf8ab6c7ffb3684654aa4772657b9ee18f1b95f4e7 160376 squid-cgi-dbgsym_4.13-10+deb11u3_ppc64el.deb dffd5a03ac42bfdff404dca557d79403c7e2622539153929c1122a417a0fee1d 172396 squid-cgi_4.13-10+deb11u3_ppc64el.deb 6e3a6b096f829a186f3a67bbbe5346fa88c34023e0f52c4df710d16923edfe5d 19025988 squid-dbgsym_4.13-10+deb11u3_ppc64el.deb 40aa95922a3631c6777b5642a6bdc3a599aefeed8e5b939227d0ac502faf1db2 21095288 squid-openssl-dbgsym_4.13-10+deb11u3_ppc64el.deb 7f749b0ce09c9012cb88238e0f0ad15a60ebd22968dfd8506501799ace7ed9d7 2712688 squid-openssl_4.13-10+deb11u3_ppc64el.deb 6a255486499c7443391dc2e9eebfb1131335cb1d930160281aba9825f12305ea 78052 squid-purge-dbgsym_4.13-10+deb11u3_ppc64el.deb f59bbafbc03359331580541dfaf56dc1eec6a0b8bd19ca19f256af473fa9c35f 161100 squid-purge_4.13-10+deb11u3_ppc64el.deb 839fbf844114f03a7f836b7cb2f837b8a7741641937f7d632850b9fd66199696 10956 squid_4.13-10+deb11u3_ppc64el-buildd.buildinfo 1193492dc55152381bfd33221992ad5dbc701579ff9f7a75191a99765f2feeb4 2558056 squid_4.13-10+deb11u3_ppc64el.deb 2ed168350a7a6454b3feadf641b62a6aec8787e3db56d5c689a584fbe741108f 192700 squidclient-dbgsym_4.13-10+deb11u3_ppc64el.deb d5820ad1b48d3ce66c9fe3fa9587a712845dcd4354d3a27f365a42e712bc070a 172460 squidclient_4.13-10+deb11u3_ppc64el.deb Files: 75e714353f32e51f7a4e7d2056300d6b 160376 debug optional squid-cgi-dbgsym_4.13-10+deb11u3_ppc64el.deb 9e9de5333158716deb1be588b0e0deda 172396 web optional squid-cgi_4.13-10+deb11u3_ppc64el.deb 3ade9ce3ef1dfe7a0c5024801d396948 19025988 debug optional squid-dbgsym_4.13-10+deb11u3_ppc64el.deb 6bd348671d370f28afe40f04a1738adc 21095288 debug optional squid-openssl-dbgsym_4.13-10+deb11u3_ppc64el.deb 1044b603b908d4a67c2d9295ed4840e3 2712688 web optional squid-openssl_4.13-10+deb11u3_ppc64el.deb a5f936aea93943e5090346aa8d5d5005 78052 debug optional squid-purge-dbgsym_4.13-10+deb11u3_ppc64el.deb 63e24ae53aea6d17702d43301ed1ffae 161100 web optional squid-purge_4.13-10+deb11u3_ppc64el.deb 709d1b0c3284fa6c72caf1af1a8fc1ea 10956 web optional squid_4.13-10+deb11u3_ppc64el-buildd.buildinfo 6e3b8e4cb06f25e21e4c4cc1651d5d73 2558056 web optional squid_4.13-10+deb11u3_ppc64el.deb 4bb0da6b83423dec08cd56197b96350e 192700 debug optional squidclient-dbgsym_4.13-10+deb11u3_ppc64el.deb 828201ebd6392b845cb2b337e8f419cb 172460 web optional squidclient_4.13-10+deb11u3_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEHDNCkvGgp2XShfnByW8ECaj2byoFAmXqSUMACgkQyW8ECaj2 byo9lg//SlObrufHGuUez1HqKm0IMJDL9FEb/67dTzJiCf9NOVjNlMyEsWmBGqom rIs0V9fApqjLOKYn3ZtxseCw5gniTx7T+ESwsj67dOW08+wZXYqFtA2t9ikzJ268 vMSacMqM8rX2pVEaBwUMYzmSIg7QFOcjHGFlZJu7c3sPbU62HWKim+mWO9YSW+l8 FWaKhz1mjiHnWoEhr21fNOL5Zse50Dhe7JhD/TRcrEdHRia7LeBg3/7DzVTz/BR4 s7QxgwYT1C7zhE0E86Vn/TBTTQKhBVINJ2BtIxy62FgzkKDOQfNpjFgULQakaMTG Mg0FoF1vub2Kf6rfpZqRzNeWcEMIl6dELlRBRcV/p7rnD1bKm9TS0FW+/7zOne9b hLsTOEdaxnJJQxKqNBAdCkaS9fWswRCwQCdJwiPdmyi9DgsuQoxLnAebXsohk0oi OegRdOy4s4LVj12L/TD3CwsEzgri2qJymqKdtW9ngHrvQkhqLZR/OHseBZEih99i ZClS4dSkcEIO8dGqvGyM1H96TCYVO1bOCIPeDbu+M61HjCD3cIR+gUeFydpEJ+A4 SOWpPChaetJkXGcK4YSudqPjDqwJN9ag3JFjhewXGcqsHEysl8dMQujSo1P55dZC 20uLWtdoWYAgJitjq+Ti4j6OBp3nF9jQ8OiFn25L9HPV0jkn5o4= =SWDg -----END PGP SIGNATURE-----