-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Mar 2024 20:52:04 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: s390x
Version: 4.13-10+deb11u3
Distribution: bullseye-security
Urgency: high
Maintainer: s390x Build Daemon (zandonai)
Changed-By: Markus Koschany
Description:
 squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (4.13-10+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847 CVE-2023-49285,
     CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP
     request parsing, remote attackers may be able to execute a denial of
     service attack by sending large X-Forwarded-For header or trigger a
     stack buffer overflow while performing HTTP Digest authentication.
     Other issues facilitate request smuggling past a firewall or a denial
     of service against Squid's Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We
     recommend to reject all Gopher URL requests instead.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----