Format: 1.8
Date: Wed, 6 Mar 2024 00:21:52 CET
Source: squid
Architecture: source
Version: 5.7-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Changes:
 squid (5.7-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848,
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25111, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a
     full-featured web proxy cache. Due to programming errors in Squid's
     HTTP request parsing, remote attackers may be able to execute a denial
     of service attack by sending a large X-Forwarded-For header or trigger
     a stack buffer overflow while performing HTTP Digest authentication.
     Other issues facilitate request smuggling past a firewall or a denial
     of service against Squid's Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are
     no plans by the upstream developers of Squid to fix this issue.
     We recommend rejecting all Gopher URL requests instead.