Format: 1.8
Date: Tue, 05 Mar 2024 23:14:44 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: mips64el
Version: 5.7-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-osuosl-05)
Changed-By: Markus Koschany
Description:
 squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (5.7-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848,
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25111, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP
     request parsing, remote attackers may be able to execute a denial of
     service attack by sending large X-Forwarded-For header or trigger a
     stack buffer overflow while performing HTTP Digest authentication.
     Other issues facilitate request smuggling past a firewall or a denial
     of service against Squid's Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We
     recommend to reject all Gopher URL requests instead.