-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 4 May 2020 21:07:15 +0200 Source: squid Architecture: source Version: 4.6-1+deb10u2 Distribution: buster-security Urgency: high Maintainer: Luigi Gangitano <luigi@debian.org> Changed-By: Luigi Gangitano <luigi@debian.org> Changes: squid (4.6-1+deb10u2) buster-security; urgency=high . [ Amos Jeffries <amosjeffries@squid-cache.org> ] * debian/patches/ - Multiple Issues in HTTP Request processing (CVE-2019-12520) (CVE-2019-12524) - Heap Overflow issue in URN processing (CVE-2019-12526) - Multiple issues in URI processing (CVE-2019-12523) (CVE-2019-18676) - Cross-Site Request Forgery issue in HTTP Request processing (CVE-2019-18677) - HTTP Request Splitting issue in HTTP message processing (CVE-2019-18678) - Information Disclosure issue in HTTP Digest Authentication (CVE-2019-18679) - Multiple issues in ESI Response processing (CVE-2019-12519) (CVE-2019-12521) - Improper Input Validation issues in HTTP Request processing (CVE-2020-8449) (CVE-2020-8450) - Information Disclosure issue in FTP Gateway (CVE-2019-12528) - Multiple issues in HTTP Digest authentication (CVE-2020-11945) Checksums-Sha1: abde75f0ba6886099864b7deb6f440c8d031375f 2674 squid_4.6-1+deb10u2.dsc d41654e5213ce32fde4c4963a822bb91bc1fd5b6 64420 squid_4.6-1+deb10u2.debian.tar.xz 9d2e58f01364b385e6c2d6753202416aa2c6c0c0 9340 squid_4.6-1+deb10u2_amd64.buildinfo Checksums-Sha256: 6642185cf2a43854da25982f7a6a8550439d172dd69183ffc5fccb6538f46641 2674 squid_4.6-1+deb10u2.dsc 38698bcb2340085843b502a8045292fcd911c266a9e653a1f7c7e0447a100154 64420 squid_4.6-1+deb10u2.debian.tar.xz 34ad15a15a923245e83ab29ee5d62ee8605ab9c2af641f28f29e0ada3bc8c30b 9340 squid_4.6-1+deb10u2_amd64.buildinfo Files: ef04fc1b90a82b7a59043dbf8bb29a06 2674 web optional squid_4.6-1+deb10u2.dsc ea11a089265e9ba7bff0e1913d25626f 64420 web optional squid_4.6-1+deb10u2.debian.tar.xz 6b3a6ad066e7d3ec5ffe0293b384367b 9340 web optional squid_4.6-1+deb10u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEjUhaNf8ebreQ5Q9tAoTyDCupfO0FAl6wglIACgkQAoTyDCup fO1v8g//fTmG7Qpfl6EHVRU6xgWiHBOplrudhcOivJkK78kHsw621+0/Szggc3iv 3Cks7K0u/zL2X1Dv3qxVTj16/B/rxDzcJvj6we4i7UMMJN/Rv7C1V80NFeS+b4Nf MQ7GKbB7zBT4dMObJ1dchhltxN5T+cofLyqn4IMB1zFpyjKMjrjGi2xe8Cgp2SJv 2FhLu6IdPYSDjwKp4l51kXQuhKtevPDchtE21WIUCGA/qgTJv5OKGquqUTK4WgVX KAG01se8vdsa2xZd0l0SjZhLbpxjECMKmhDJs89mWr6mGmM82w+ROX0KyEWU78r9 P1bSWdb9frrd734S1vgcm1eNtmK1sZCV46k3ziyOe68vLH9l+y55i7p+bTUVMO8G D5p38RQwkg6X3kzp1INghPOAjseEbk1c2pFTP+OhrIKysZ0n+PqcUSrTQyPpwzcy n9xW91DhtpqddUii+wysAngtoCw2f/G1k6NZFr2f9Y2JjmFFVnuK6t4UYkkEI4t2 wgnPTZeAOVHleVe8yTyR7Vo2xcNZ+kz8ds/S/EZqYwBXnfP0kMJU2LU2gBAO3Lua Q1JjmryqiRapX4N8neYPpJNRd3uFk4iM1uDCzxi6GrHRqdHFO5BGAMkglh63GM4r PweeCF1R4q5lq2FSZA6f1il4kVSQudmAdpEM3KwyKCWF9IGbXoI= =AYc0 -----END PGP SIGNATURE-----