Format: 1.8
Date: Tue, 05 Mar 2024 23:14:44 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: amd64
Version: 5.7-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01)
Changed-By: Markus Koschany
Description:
 squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (5.7-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848,
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25111, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP
     request parsing, remote attackers may be able to execute a denial of
     service attack by sending large X-Forwarded-For header or trigger a
     stack buffer overflow while performing HTTP Digest authentication.
     Other issues facilitate request smuggling past a firewall or a denial
     of service against Squid's Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We
     recommend to reject all Gopher URL requests instead.