-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 27 Mar 2016 23:19:29 +0200 Source: squid3 Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi squid-purge Architecture: source all amd64 Version: 3.4.8-6+deb8u2~bpo70+1 Distribution: wheezy-backports Urgency: high Maintainer: Luigi Gangitano <luigi@debian.org> Changed-By: Luigi Gangitano <luigi@debian.org> Description: squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-purge - Full featured Web Proxy cache (HTTP proxy) - control utility squid3 - Full featured Web Proxy cache (HTTP proxy) squid3-common - Full featured Web Proxy cache (HTTP proxy) - common files squid3-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility Closes: 742425 776461 776463 776464 776468 793128 Changes: squid3 (3.4.8-6+deb8u2~bpo70+1) wheezy-backports; urgency=medium . [ Luigi Gangitano <luigi@debian.org> ] * Rebuild for wheezy-backports. . squid3 (3.4.8-6+deb8u2) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2016-2571: better handling of huge response headers in src/http.cc . squid3 (3.4.8-6+deb8u1) jessie-security; urgency=high . [ Luigi Gangitano <luigi@debian.org> ] * debian/patches/36-squid-3.4-13225.patch - Added upstream patch fixing Improper Protection of Alternate Path (Ref: SQUID-2015:2, CVE-2015-5400) (Closes: #793128) . squid3 (3.4.8-6) unstable; urgency=medium . [ Luigi Gangitano <luigi@debian.org> ] * debian/patches/31-squid-3.4-13199.patch - Added upstream patch fixing excessive CPU usage (Closes: #776461) . * debian/patches/32-squid-3.4-13210.patch - Added upstream patch fixing excessive CPU and memory usage in NTLM and Negotiate authentication helpers (Closes: #776463) . * debian/patches/33-squid-3.4-13211.patch - Added upstream patch fixing a possible replay vulnerability on Digest authentication (Closes: #776464) . * debian/patches/34-squid-3.4-13213.patch - Added upstream patch fixing incorrect security permissions for TOS/DiffServ packet marking (Closes: #776468) . * debian/patches/35-squid-3.4-13203.patch - Added upstream patch fixing squidclient unable to connect to host with both IPv4 and IPv6 addresses (Closes: #742425) Checksums-Sha1: 7041a218201575500d9e8048770b1facdcb1fd53 2331 squid3_3.4.8-6+deb8u2~bpo70+1.dsc 4a5fec155d91f3d9eedf16ea474970e293699cc9 3042254 squid3_3.4.8.orig.tar.bz2 6111438d685b56e84ff13874f37a60959de3666a 32992 squid3_3.4.8-6+deb8u2~bpo70+1.debian.tar.xz 0c4d86afc46a574a5d4d0f05e0bf2c207bca8aab 258270 squid3-common_3.4.8-6+deb8u2~bpo70+1_all.deb 4b8104d59c6a9d9357f3e309e961f0eef1117084 2068286 squid3_3.4.8-6+deb8u2~bpo70+1_amd64.deb 9c71b79a7a8ed19bbf81caecaa9e1dbb4a030ff1 8653384 squid3-dbg_3.4.8-6+deb8u2~bpo70+1_amd64.deb 91c884ef07b185031e7446390fecb9ce4240195c 140478 squidclient_3.4.8-6+deb8u2~bpo70+1_amd64.deb 412cc323cbd19715449a2947ddb82556a85b6a54 143366 squid-cgi_3.4.8-6+deb8u2~bpo70+1_amd64.deb 18745b2b92761433f607d36f5eec283b04324353 139004 squid-purge_3.4.8-6+deb8u2~bpo70+1_amd64.deb Checksums-Sha256: ca8a5d7234c136c93c7f1de1addc40b5046c966283acf414f701a2a11593e17b 2331 squid3_3.4.8-6+deb8u2~bpo70+1.dsc d0534c1cb6ad7de9e2c9f3fc192df92d4c454e3e4c5e00c5086997709153c455 3042254 squid3_3.4.8.orig.tar.bz2 7e5c400cf702f0f713da21479e08e0cd83b12b77cfed7e59a8ad1c9ca7a5d579 32992 squid3_3.4.8-6+deb8u2~bpo70+1.debian.tar.xz d25064d40404b141b4f696d2041bc16ee701975c0825000440aac82a7f8a08f0 258270 squid3-common_3.4.8-6+deb8u2~bpo70+1_all.deb 215a6c9a59cbaaeb0e8a30c7e036fe3bb7ecbf597154a3a9955d911e628d53f5 2068286 squid3_3.4.8-6+deb8u2~bpo70+1_amd64.deb 72dea68933b755dd1c26d6fbbd92aaa145562e55ff9b0c1d07ab258c5f2427b5 8653384 squid3-dbg_3.4.8-6+deb8u2~bpo70+1_amd64.deb e549cab9577be547b4c0920595091c77de90ca6d3a5bc3bf48639b96a12a2931 140478 squidclient_3.4.8-6+deb8u2~bpo70+1_amd64.deb 8637c805d3dbb3306abfea7538fccb2def5d8e57bfce4eaa9fdb8b30c343982d 143366 squid-cgi_3.4.8-6+deb8u2~bpo70+1_amd64.deb 46387225917b94f153b854f5e86b2349a82e314c1e4adfb51db71f21548595bb 139004 squid-purge_3.4.8-6+deb8u2~bpo70+1_amd64.deb Files: 0877c2c199131c9910e4bbbe22e015ef 2331 web optional squid3_3.4.8-6+deb8u2~bpo70+1.dsc 094bd5f974d13485d51d02e93ec6027b 3042254 web optional squid3_3.4.8.orig.tar.bz2 787b037704683c5b9eb9a6fee0cda948 32992 web optional squid3_3.4.8-6+deb8u2~bpo70+1.debian.tar.xz 857406bb060af387cc11e965b3dbe746 258270 web optional squid3-common_3.4.8-6+deb8u2~bpo70+1_all.deb 5ab50ef8826136f4376d7efda12d5e4a 2068286 web optional squid3_3.4.8-6+deb8u2~bpo70+1_amd64.deb 978d67b1c1b3020e51e4268210df47ce 8653384 debug extra squid3-dbg_3.4.8-6+deb8u2~bpo70+1_amd64.deb a08154dd468d3181c8542f4330e1bce4 140478 web optional squidclient_3.4.8-6+deb8u2~bpo70+1_amd64.deb fbba88f543b91df2f0f2c0119290fc74 143366 web optional squid-cgi_3.4.8-6+deb8u2~bpo70+1_amd64.deb a5e1cdaa1fb08205168b99c43009f993 139004 web optional squid-purge_3.4.8-6+deb8u2~bpo70+1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJW+FeRAAoJEAKE8gwrqXztVWoP/jWKctaahWe7a/Z/0of/Bzwo njj1cwbSE19DaoFwDTrME6tdbbg8OPU9Twi80pL9QNxmKLeBTBziv8JEVUkFXinF vNaLtS/Fkoty3W8OEcOlkvKtYwPXEOF7YMeC8cWHJfqaqp7mBKiw0ZZNQftZW/Dr 57rQIIlrLoY1P25N7NWwcWfgExOWVo585pCvBhroum9biTJuMG7P4icoY5ffDR65 9uscYxC97sCvTtVktj73xBgHE5k6OZP8+Rtb/Ruu8LgNEOfN+eB7d3x78WZmCu1T bkomG4aoK7Y8+1THzSWez7BxU2l/mPmZKr8gGj3OKA44ijHtf4V+RR4uBz4+bPuQ OqC0aef/QwV1ut5dnKFiWlJ96q6fy27BPk0oV/DgAXBKZWpFkj2GKAVuNmnCGINR tzrbBDBjk2QyfMpJOxOu/Rwe2wrfNairmiiCbWBs35NP64be3M623wKapuWasoYs BkrwQ3D5t5VTNx2Qw8FmckVj5Dy9rdQU5xupCVmx6K8Lvb7Zl51tZFBQ5N8o6Sow kboFYzraCR503kD9ANQNAEDG7YptyB6MHE/gXA0D4pwsMRQ6/mrb8WYMCnkEaGn7 XIWOxdu4GSLrv7CLKkPN6p2zuKwznx6eD8VY5EFqj4ro4kf85nVXQt4BcChaFKqf azohU1pfPVR9H+VwO5Dr =wQuU -----END PGP SIGNATURE-----