Format: 1.8
Date: Tue, 05 Mar 2024 23:14:44 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: mipsel
Version: 5.7-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-osuosl-05)
Changed-By: Markus Koschany
Description:
 squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (5.7-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848,
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25111, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP
     request parsing, remote attackers may be able to execute a denial of
     service attack by sending a large X-Forwarded-For header or trigger a
     stack buffer overflow while performing HTTP Digest authentication. Other
     issues facilitate request smuggling past a firewall or a denial of
     service against Squid's Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We recommend
     rejecting all Gopher URL requests instead.