-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 19 Mar 2021 00:55:46 +0530 Source: squid3 Binary: squid3 squid squid-dbg squid-common squidclient squid-cgi squid-purge Architecture: source amd64 all Version: 3.5.23-5+deb9u6 Distribution: stretch-security Urgency: high Maintainer: Luigi Gangitano <luigi@debian.org> Changed-By: Utkarsh Gupta <utkarsh@debian.org> Description: squid - Full featured Web Proxy cache (HTTP proxy) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-common - Full featured Web Proxy cache (HTTP proxy) - common files squid-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols squid-purge - Full featured Web Proxy cache (HTTP proxy) - control utility squid3 - Transitional package squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility Closes: 985068 Changes: squid3 (3.5.23-5+deb9u6) stretch-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix HTTP Request Smuggling (Fixes: CVE-2020-25097) (Closes: # 985068) - Due to improper input validation Squid is vulnerable to an HTTP Request Smuggling attack. Checksums-Sha1: f1e487ec017d2515bfd2a15c43ed63912f1c4a52 2611 squid3_3.5.23-5+deb9u6.dsc 6b0b2091896e7874024e5f1e28eeccb0acd7e962 4730792 squid3_3.5.23.orig.tar.gz 72ac13613fdf395f4c6555cbe6e444b889a2526d 72824 squid3_3.5.23-5+deb9u6.debian.tar.xz ac555e5a6b8e70288049fcc8edfd0139acb5e46b 168474 squid-cgi_3.5.23-5+deb9u6_amd64.deb 89d5ddf836c3710e998144602955d36f3136fb9b 286018 squid-common_3.5.23-5+deb9u6_all.deb 76c3649f00c05e1ee8b8c67b9108c205c2297935 21703836 squid-dbg_3.5.23-5+deb9u6_amd64.deb 72003bafc4966e521b8b31c1749a9b0654c55a3f 158978 squid-purge_3.5.23-5+deb9u6_amd64.deb 8bea3fc9999044368019b703f3258f54dd36151b 140324 squid3_3.5.23-5+deb9u6_all.deb 6b41ca8676cb6c389308f083b9c5cc9dc27a955e 10060 squid3_3.5.23-5+deb9u6_amd64.buildinfo 2d857fd302158cfc35e2f51b0e9498a3fffbecb1 2322452 squid_3.5.23-5+deb9u6_amd64.deb c03ce1ebf7244bd61dff09e541764f5523f4b9e0 169734 squidclient_3.5.23-5+deb9u6_amd64.deb Checksums-Sha256: 7d4e7203769f7435f25e8326b1ae4f1839f3fc87a519e417d48a15010a498bf9 2611 squid3_3.5.23-5+deb9u6.dsc f81eeee0fb046ad636566b51fe4f72b8bc66d454d7082ef38e273c3f4b09f6db 4730792 squid3_3.5.23.orig.tar.gz 88f5c03957b77acdc85370e57971c410325337cf172bd2d0403c62cc5febe73f 72824 squid3_3.5.23-5+deb9u6.debian.tar.xz b483e97144fc521f62de5b8ede810c82c43728fa8b2b396e89ceed73258a88e8 168474 squid-cgi_3.5.23-5+deb9u6_amd64.deb 24be88efbb34476e5bf32d7e8c41570d268f886b880edee1d49d67f924500c73 286018 squid-common_3.5.23-5+deb9u6_all.deb 32daba65ef2dff28f8fd7df63e9dd623dc0f05654c371aa41cb9ec80da7f67b8 21703836 squid-dbg_3.5.23-5+deb9u6_amd64.deb 99f49cf5ad7a12e9f4688efa6724adfcef12b80008023cb01e9834ebb7b83a0a 158978 squid-purge_3.5.23-5+deb9u6_amd64.deb b48727e5e9292c0d21a93f951358175b89b6c3d3b6fa311a09cf5db6939a0124 140324 squid3_3.5.23-5+deb9u6_all.deb 179a652204f8aba60259450ea16fb6ab21de5ed6c1f15e275d570c3c24a87339 10060 squid3_3.5.23-5+deb9u6_amd64.buildinfo 84030024e04853911a347796a507fba2f33d6b4f4b9d2d960e43ec05290c0a19 2322452 squid_3.5.23-5+deb9u6_amd64.deb f40c6d5d99349fc432c889cda5c5a24294a6aaee7031b9f0dbf1a456da10dd92 169734 squidclient_3.5.23-5+deb9u6_amd64.deb Files: 66f606689f422a0e84b3675b8db616e1 2611 web optional squid3_3.5.23-5+deb9u6.dsc 49d790ddee8c611ee2992e66eb8e9ae9 4730792 web optional squid3_3.5.23.orig.tar.gz c6fc075bfe807f9f3e85366cb9dfe0ff 72824 web optional squid3_3.5.23-5+deb9u6.debian.tar.xz 372c23aefe30d4739c344d6d405daa10 168474 web optional squid-cgi_3.5.23-5+deb9u6_amd64.deb 3faeff3c7bf486521a06431542d96587 286018 web optional squid-common_3.5.23-5+deb9u6_all.deb 3117b8917d392fb55a77fadf7479c417 21703836 debug extra squid-dbg_3.5.23-5+deb9u6_amd64.deb e6a9086b733200be3bf9d48e3b2401b9 158978 web optional squid-purge_3.5.23-5+deb9u6_amd64.deb e78fda04c9f0b57c62f140c5fbff3e45 140324 oldlibs extra squid3_3.5.23-5+deb9u6_all.deb 3d506fd392c5504821f0e9cceea5a6ed 10060 web optional squid3_3.5.23-5+deb9u6_amd64.buildinfo 69186bbe843a69b1837726dfb7c69f36 2322452 web optional squid_3.5.23-5+deb9u6_amd64.deb 548646320dbed0902293a938fb569f3e 169734 web optional squidclient_3.5.23-5+deb9u6_amd64.deb -----BEGIN PGP SIGNATURE----- iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmBTsMkTHHV0a2Fyc2hA ZGViaWFuLm9yZwAKCRCCPpZ2BsNLlg9FD/44USExaNUaQYye/oMNp0BnUOScaAm+ PTYFe9zoG9tluPIue2CIAtU2+JSniXgcULS9x+/H/74dWYtgC7xXWk+8X2Q7Tqpy XWXZlMNgLPAj9wmkfnm2kWgf81A9Ztc3Xq1JOgfT/e5RWhEEUU/uaCmecGwZmvnX 0kxHwreNvQjLStLqM2+aCZawO2NcuAQuc0sSxCj/ASzwCNKLIVNV2P0fu4gAOO0f vJMXc8DJd0D8ZHBJx24ONztQQI49rUdbj2KvIGHljqX7f1YaUAp8GeFtQWMPYQGp x/K2PKedPJr3kPpVhLlsSlYWa+lM5GXGBhgcrvfN3pg7MzMrd2Jt64/eov/JGD7j g33wk2m8gptL8GNj1M5SmY81WBSSSnlbt+vrFzrb8JtOf9MrR3azNRQXicoXQrng O13UOiEu6X6Vd82zwt2tt+vOtaItfA8WCQ+/kgKBgLVW4Kv3pkEJCwM2ccXP3b9V HqLyku4FgYeRtXESNDc6EBuCYKr1EX0I0uzbu8twFyxR4+hHlVVeUxCHGXM+OpOX puDTr6JCXRUXPNad4cR/x5iqIJtnEDW7h5x4Ms8TNaIeDSqg0QpBDpdjoZWsJJNu KjTtWASmHsdeOpsxGGHoZhiOg0BK3Zt7/9WPAUDEy+t2/p9wOpLlBcioczEwZdA2 xdqcrxnsAP7k/A== =V6LN -----END PGP SIGNATURE-----