Format: 1.8
Date: Tue, 05 Mar 2024 23:14:44 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: armel
Version: 5.7-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-05)
Changed-By: Markus Koschany
Description:
 squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (5.7-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848,
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25111, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP
     request parsing, remote attackers may be able to execute a denial of
     service attack by sending large X-Forwarded-For header or trigger a
     stack buffer overflow while performing HTTP Digest authentication.
     Other issues facilitate request smuggling past a firewall or a denial
     of service against Squid's Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We
     recommend to reject all Gopher URL requests instead.