Format: 1.8
Date: Sun, 17 Aug 2025 19:26:48 +0200
Source: squid
Architecture: source
Version: 4.13-10+deb11u5
Distribution: bullseye-security
Urgency: medium
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1055249
Changes:
 squid (4.13-10+deb11u5) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2023-5824: A flaw was found in Squid. The limits applied for
     validation of HTTP response headers are applied before caching. However,
     Squid may grow a cached HTTP response header beyond the configured
     maximum size, causing a stall or crash of the worker process when a
     large header is retrieved from the disk cache, resulting in a denial of
     service. (Closes: #1055249)
   * Fix CVE-2023-46728: Due to a NULL pointer dereference bug Squid is
     vulnerable to a Denial of Service attack against Squid's Gopher gateway.
   * Fix CVE-2025-54574: Squid is vulnerable to a heap buffer overflow and
     possible remote code execution attack when processing URN due to
     incorrect buffer management.
   * Remove Gopher support