-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 23 Feb 2013 14:08:15 +0100 Source: squid3 Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi Architecture: source all amd64 Version: 3.1.6-1.2+squeeze3 Distribution: stable-security Urgency: high Maintainer: Luigi Gangitano <luigi@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: squid-cgi - A full featured Web Proxy cache (HTTP proxy) - control CGI squid3 - A full featured Web Proxy cache (HTTP proxy) squid3-common - A full featured Web Proxy cache (HTTP proxy) - common files squid3-dbg - A full featured Web Proxy cache (HTTP proxy) - Debug symbols squidclient - A full featured Web Proxy cache (HTTP proxy) - control utility Closes: 696187 Changes: squid3 (3.1.6-1.2+squeeze3) stable-security; urgency=high . * Non-maintainer upload by the Security Team. * Add CVE-2012-5643-CVE-2013-0189.dpatch patch. Fix squid-cgi (cachemgr) memory leaks and denial of service vulnerability: remote attackers could cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials. CVE-2012-5643 and CVE-2013-0189. (Closes: #696187) Checksums-Sha1: c5f6749082a7f2fb4e2f040b2bc0cecfef97e81a 1945 squid3_3.1.6-1.2+squeeze3.dsc b2208a200998e98a02596d3c8f4dad6763746c53 23044 squid3_3.1.6-1.2+squeeze3.diff.gz 6380ea78d9eadc573d8e51cccaaf113e092544cf 196062 squid3-common_3.1.6-1.2+squeeze3_all.deb 8d55afc54170c79003164e6efaebd24f5d3992c2 1503786 squid3_3.1.6-1.2+squeeze3_amd64.deb 2405080e5f4af1146660e022f3f6c5cb6e0d9b58 5630368 squid3-dbg_3.1.6-1.2+squeeze3_amd64.deb d65ed2ccc4ad390a9b090f301a748c04a9bd2337 106596 squidclient_3.1.6-1.2+squeeze3_amd64.deb cfaf934f65485e93dd42c680e56345e65f7592aa 109162 squid-cgi_3.1.6-1.2+squeeze3_amd64.deb Checksums-Sha256: 4e240bc5b701735fd66f8a4f6c9be1b81cd427810f9f4836e3fa6ce33ab20e70 1945 squid3_3.1.6-1.2+squeeze3.dsc edf23b6e2a9773e4aedb9e87f281b5cf59574db7171a15d634ab5d32e8bac82c 23044 squid3_3.1.6-1.2+squeeze3.diff.gz cf066c363753e37d32acebb3c4b6b9e0a28cbbd743a1ad6d58ce2036f70ff313 196062 squid3-common_3.1.6-1.2+squeeze3_all.deb 6221b0bb02cf7d4acc855e119660c0e8e5c6d463ae40ba51939b03437003db76 1503786 squid3_3.1.6-1.2+squeeze3_amd64.deb 866d213ed26f42c62752a56c2007ebf41377ef459367f7da5ae1b4ccc8c0af11 5630368 squid3-dbg_3.1.6-1.2+squeeze3_amd64.deb 4d30058966703e44bf7f93a57213294814706de00e8ab57735e8e5662e2d2d6b 106596 squidclient_3.1.6-1.2+squeeze3_amd64.deb dd991d13eaa5e17d8c1c3d93b2cfa9ef98571417348a357582ccd160238ad037 109162 squid-cgi_3.1.6-1.2+squeeze3_amd64.deb Files: c7754aa210a9bec4b70cffe5e76162e4 1945 web optional squid3_3.1.6-1.2+squeeze3.dsc 1e5c47a57390e3687ef07af9a54f9807 23044 web optional squid3_3.1.6-1.2+squeeze3.diff.gz 25c25ea08cff7d1564f43781118367d1 196062 web optional squid3-common_3.1.6-1.2+squeeze3_all.deb b232b0475053ee02b141cbd1a0868d92 1503786 web optional squid3_3.1.6-1.2+squeeze3_amd64.deb a692f9ebb0fe2b40f25f84b4fee1a61e 5630368 debug extra squid3-dbg_3.1.6-1.2+squeeze3_amd64.deb 5d043aec9d7ab49fa38cb391c5592acd 106596 web optional squidclient_3.1.6-1.2+squeeze3_amd64.deb 1fe4e32221676902f7f55f16ff50b3fe 109162 web optional squid-cgi_3.1.6-1.2+squeeze3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJRKOr3AAoJEHidbwV/2GP+tMcQAMWU9vk02JoPV5guWGLTPUzp hvH78ARaDvVwwgfghLm3PtJNNJrQiuYmTTQ5lXiSzMgagvMewtlKCSZ5CW6psoXN oRN0pK3zBMvTKQb89eGmqFu572uZ+6VZVYOAwuIzaD4Ogf3u6Yss68x3ldTkBUk4 xCUkTVQfK/KwOuUA5nV9yJ9xbSit2Ss2SSPMpJeLUjhy1iiM8wUqmzFzu1qfZO0q tG4PH6ycPehkD6sTubZ5FXArLavlIAcLOyItGrxRxehY2e2IUnmvSpLNlbUPTRzk oe1ySXd1kGjLv1lBTDkZpxZvOjF5m/bNqgfkl2G5wk/NDp1msVfFewv4X0qR87FI +P7P7Q/Hp4LecbU7k++zX3kfqb6cWtHnoSTa0bMhHmBH29KpqYgXaUVwdL1HkL+K iScDh4hKCbqSO5RGCdpLyUK+BCl2u+k0rPnu8yt2jFQRnFIg50gI1N0OWhd+11EX AhpE9QBi5/o8SmwnvVLwnAwIB5p9wuogxZSKMc85wCihflVkvaBZElY4lywhI62H 1vTJTkZb3WFka7iYVGeHnLORa+3y0AnlTdnRzTSqMXvqWukVzRLwpJnmgsXqb49B hk6hUvoiypZdkg2yGWMxofvNPy3Nc0sPRUwo4wIfvBxCQmwdpveMk72MaZ48qEQc ym5P/6RzFY3lMjHIffCA =/EFi -----END PGP SIGNATURE-----