-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 07 Jul 2019 16:33:46 -0300 Source: squid3 Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi squid-purge Architecture: source all amd64 Version: 3.4.8-6+deb8u7 Distribution: jessie-security Urgency: high Maintainer: Luigi Gangitano <luigi@debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-purge - Full featured Web Proxy cache (HTTP proxy) - control utility squid3 - Full featured Web Proxy cache (HTTP proxy) squid3-common - Full featured Web Proxy cache (HTTP proxy) - common files squid3-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility Closes: 931478 Changes: squid3 (3.4.8-6+deb8u7) jessie-security; urgency=high . * CVE-2019-13345: Fix a cross-site scripting (XSS) vulnerability in the "cachemgr.cgi" module. (Closes: #931478) Checksums-Sha1: dfb483b03ebe7026bd33caa345d08ac7a4aa9a1d 2346 squid3_3.4.8-6+deb8u7.dsc 4a5fec155d91f3d9eedf16ea474970e293699cc9 3042254 squid3_3.4.8.orig.tar.bz2 60ad5e33bf22f750a07e2bfc5a2caa71620d6d3b 42576 squid3_3.4.8-6+deb8u7.debian.tar.xz b798698c1d41721e28f70d1739ab796f7ab7197d 259368 squid3-common_3.4.8-6+deb8u7_all.deb fc6180085613e821310d8eb51ee6da3195e1bb75 2071748 squid3_3.4.8-6+deb8u7_amd64.deb 088969c2705632819b00d7ffe4eff1067c501ec5 8617494 squid3-dbg_3.4.8-6+deb8u7_amd64.deb c91a55f9c6f313c28387bbffdb51fbcd635f5bfe 141774 squidclient_3.4.8-6+deb8u7_amd64.deb 067bbc78b5bfdff75aba1a97b72b391f16a61b11 146956 squid-cgi_3.4.8-6+deb8u7_amd64.deb 09aceb19e74ac8d24a21ccb29aa7f61a350dee43 139566 squid-purge_3.4.8-6+deb8u7_amd64.deb Checksums-Sha256: 04e0b1e29258216347525be6b54784f14496f835b4a74ceb473bca5f2a4898f1 2346 squid3_3.4.8-6+deb8u7.dsc d0534c1cb6ad7de9e2c9f3fc192df92d4c454e3e4c5e00c5086997709153c455 3042254 squid3_3.4.8.orig.tar.bz2 4c5286ac388354b6a4c5c7913f72f3242c6398cb10a925010e2be7b65fef9e2c 42576 squid3_3.4.8-6+deb8u7.debian.tar.xz fbf34ea5280b061cec258c92ceeb380da4edaeaa4844fc366a53f73d5d65f51c 259368 squid3-common_3.4.8-6+deb8u7_all.deb 3538be4c684a6e03d01f71bcc0a5feaae705646a78d2755a4c5de6e3932ae40b 2071748 squid3_3.4.8-6+deb8u7_amd64.deb 5fb77b8dfe036fada87e3c320f016c4b9f0840ffbc804d974161a43e39964210 8617494 squid3-dbg_3.4.8-6+deb8u7_amd64.deb 7fb0d8c45bcc76b79d3e867161df5530e8e5f9b61b1e93844471178daa05c196 141774 squidclient_3.4.8-6+deb8u7_amd64.deb 9ee30d29531cde117f044ac14ec4da00e17b61aaf8ca6a1d0515629b1fe9fe4f 146956 squid-cgi_3.4.8-6+deb8u7_amd64.deb 9c301811782414edeb4e016509d9365068fa0a2a0cf666fa1350b12732b176b7 139566 squid-purge_3.4.8-6+deb8u7_amd64.deb Files: 24ef525f2842597e79a664a7b79c8634 2346 web optional squid3_3.4.8-6+deb8u7.dsc 094bd5f974d13485d51d02e93ec6027b 3042254 web optional squid3_3.4.8.orig.tar.bz2 ddf279f5c2591952aabfa31907dac190 42576 web optional squid3_3.4.8-6+deb8u7.debian.tar.xz 5c946d46853a4a9675a88ead35c7c222 259368 web optional squid3-common_3.4.8-6+deb8u7_all.deb 748a337f5bf62f6a9517f5ce7b0c9fe6 2071748 web optional squid3_3.4.8-6+deb8u7_amd64.deb 28e7b099182d67f3f788ba9a074666c3 8617494 debug extra squid3-dbg_3.4.8-6+deb8u7_amd64.deb fda64dc557681203b03f55e40665d8df 141774 web optional squidclient_3.4.8-6+deb8u7_amd64.deb 44964fc59573787d77530ecfff54caf4 146956 web optional squid-cgi_3.4.8-6+deb8u7_amd64.deb a5e755a09837ad83462fdec89830bda3 139566 web optional squid-purge_3.4.8-6+deb8u7_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl0iUb4ACgkQHpU+J9Qx Hljedw/+M3dcrlwnw3+XryfCdqRMBqfCh95Yj+5Z0Trrjjd8v5B5hNR6sNWEl1tY Pmmhb13ZKa8/tomUg0F8Mw/oK7+hXeP3s2RS2lK3oYlCtK5ToqVeWFUp+g/FLSFs 5aK7TABxWKOLkRUbIhPXZpKMeax0L5tlc8YL9ti1GJYKtHQtYWht64fp8XxZIJyo ZetW1UchSTYZ+HbzIAqAkoRw6trXV5rZrwgIUTGnz0OB+vbaF1tCo5C/tWW/hTEt D8o47NKoQ3FvSulsJsJwvqHTFtPU/1EbeFj3xWo6f5BsYRRndNY5+KXAhI/9uBve td9AgepGXiSTizHFfQkQcdrGbaNesOtWCreD3GvmHNhLIOcZtr/0iDhGS0F6tMCi D9EYDgijeNsIhxsimXa9dh9ezrycOO7YU032QTwWuWbuyXcMcMHlaX7cmvTzI3UV 7wn2ir+pfZ89WXNJbysbCqqRgziLsHKSbULAA6TxnKD1rK33bz8o/Oq8yZ+YJLAR U5wZYIsk0IDqsqn6Tzeuq/1ApG0KC/IMnmpKdn6G6jCpGfnHQdFItTyiKV9dKKSF v0BRimAe4vI886rZvpVzbGWQO1d4AOgjoyL8WfKG4+7khh+/mCVzDesSzaADn4rn 5GlxMiUggI78KX1f5BeiIftDJjawueI4HXmCtVG2ZIZM9Ctg2AQ= =ynrm -----END PGP SIGNATURE-----