-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 05 Mar 2024 23:14:44 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: ppc64el
Version: 5.7-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01)
Changed-By: Markus Koschany
Description:
 squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (5.7-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848,
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25111, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP
     request parsing, remote attackers may be able to execute a denial of
     service attack by sending large X-Forwarded-For header or trigger a
     stack buffer overflow while performing HTTP Digest authentication.
     Other issues facilitate request smuggling past a firewall or a denial
     of service against Squid's Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We
     recommend to reject all Gopher URL requests instead.