-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 05 Mar 2024 23:14:44 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: arm64
Version: 5.7-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-01) <buildd_arm64-arm-ubc-01@buildd.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 squid      - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi  - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (5.7-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848,
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25111, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP request
     parsing, remote attackers may be able to execute a denial of service attack
     by sending large X-Forwarded-For header or trigger a stack buffer overflow
     while performing HTTP Digest authentication. Other issues facilitate
     request smuggling past a firewall or a denial of service against Squid's
     Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We recommend
     to reject all Gopher URL requests instead.
Checksums-Sha1:
 1626ab3de681ab8398988d110c82eb2d2b267636 164668 squid-cgi-dbgsym_5.7-2+deb12u1_arm64.deb
 b1eac73af2526625ce242139dcce04d4c7f689a8 160160 squid-cgi_5.7-2+deb12u1_arm64.deb
 6f37b45e9d555f55eb33ecf1dafc95370acb6adf 23456784 squid-dbgsym_5.7-2+deb12u1_arm64.deb
 9dc39474125366e82826de60e512da02ccf56fe5 25762092 squid-openssl-dbgsym_5.7-2+deb12u1_arm64.deb
 baefa5b9b9104ef88a6361c2714de7be443f1214 2713456 squid-openssl_5.7-2+deb12u1_arm64.deb
 cb7aab3242854bd903345c0ec679d2dc98a98f6d 87860 squid-purge-dbgsym_5.7-2+deb12u1_arm64.deb
 b160c892ea7b7c8d08cd0567651ca70fedabbdab 151092 squid-purge_5.7-2+deb12u1_arm64.deb
 6a36499b127af1ff8409b9bd74194ae2dcaa037e 10271 squid_5.7-2+deb12u1_arm64-buildd.buildinfo
 ee3667a04c3408a5042b47823befb585174a754a 2568668 squid_5.7-2+deb12u1_arm64.deb
 2d1928111f65fda6c8c9252c89955d5536a0d379 199116 squidclient-dbgsym_5.7-2+deb12u1_arm64.deb
 692a6521efb0a621e47c0dbd73aebc5fdd35cd30 161880 squidclient_5.7-2+deb12u1_arm64.deb
Checksums-Sha256:
 cf49ba71c432309bc97e21c5abd6c2e04da516aa9b3d299ef12c3bc0e999be75 164668 squid-cgi-dbgsym_5.7-2+deb12u1_arm64.deb
 509c49e39192b5f9e1d1f69a21afbf0eff60e85f69e6c659265f7bfe5e43b0f8 160160 squid-cgi_5.7-2+deb12u1_arm64.deb
 9840165d87d842aef2aa65cc2a1a4f826cb63ca99a78ae8b864b8a6d7881d374 23456784 squid-dbgsym_5.7-2+deb12u1_arm64.deb
 413516e28093620b1072b335cdf0127a72e78553bd5d68ac01e1028e8e8d2356 25762092 squid-openssl-dbgsym_5.7-2+deb12u1_arm64.deb
 fc31932813fc2dce14204f49d6fa439dd5275d0995902b5938522b1100455b0d 2713456 squid-openssl_5.7-2+deb12u1_arm64.deb
 47829b17883e047e9a3150322b137bf76726929f4960977e7e099e7294a1f221 87860 squid-purge-dbgsym_5.7-2+deb12u1_arm64.deb
 42a36cd5048dfe00774f34644b929223a076276f222ae9d432e088a7f331bc4e 151092 squid-purge_5.7-2+deb12u1_arm64.deb
 b56f2d9fbaed03108f10e122b4831f0a8621a0c9b82b8f7f6fa46762109c3a64 10271 squid_5.7-2+deb12u1_arm64-buildd.buildinfo
 12db646075a867df280f417bc8652dd82d4f28537e83f0deb564f4f9dffd9eff 2568668 squid_5.7-2+deb12u1_arm64.deb
 ac4e854beaa5ba46e27683612c351bec4e04a8fa794e9db762ac73e952787f40 199116 squidclient-dbgsym_5.7-2+deb12u1_arm64.deb
 9eb54f6451ec58a36192acf2ab784ae9a4285a3b098ac324fa058e9a56eb5500 161880 squidclient_5.7-2+deb12u1_arm64.deb
Files:
 2d6dc5fa63133b68dfe8b435e5f3ecb4 164668 debug optional squid-cgi-dbgsym_5.7-2+deb12u1_arm64.deb
 e743e76c4e9797fee59f445b91815aaa 160160 web optional squid-cgi_5.7-2+deb12u1_arm64.deb
 fb10753514da56c51915d0cca4039972 23456784 debug optional squid-dbgsym_5.7-2+deb12u1_arm64.deb
 4913aeb024fe5c1df2244e3b5b9d47b6 25762092 debug optional squid-openssl-dbgsym_5.7-2+deb12u1_arm64.deb
 3fddf57d9c78560a8b2c9da62c2cb9be 2713456 web optional squid-openssl_5.7-2+deb12u1_arm64.deb
 940997b2dc3f384a3d5f400a2632b1ad 87860 debug optional squid-purge-dbgsym_5.7-2+deb12u1_arm64.deb
 8cbf5249225159b2e38c36a8225abf41 151092 web optional squid-purge_5.7-2+deb12u1_arm64.deb
 d18bd3b58383fc8b325fa5f2be0b1121 10271 web optional squid_5.7-2+deb12u1_arm64-buildd.buildinfo
 95fdf562b709400a708da0c7936400f9 2568668 web optional squid_5.7-2+deb12u1_arm64.deb
 07d23729262f44bcdc5d269784cb9038 199116 debug optional squidclient-dbgsym_5.7-2+deb12u1_arm64.deb
 c7ec6d48e34d72a51509696cd1be0afa 161880 web optional squidclient_5.7-2+deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEvH8AOGUMuGQ9yWfAdEqOeknEYfEFAmXnwkMACgkQdEqOeknE
YfEwYw//Xf52hHasuoCa83GgAmF0+UuIVhcnRyaswmgDNOExeK8AVU/4NG6diPLh
KJFEomJaZ46HhybH4Q4auT03RyV32BfGBsDpuUqq67rTT+N09yQAGQo3ujgSzxKu
b/1m+tqba82DdjetBn+J9JhSePbsdKCK+bRZyIULvm1YvvbGBlYvJtRy3pQYUNtZ
cToubQZLfsU6yQziKpkUb8Z4IbWO5M4T5OY3JVnM2ZRi130I6FoKTaaQC94z3EvD
cvfTMWac2E6wuXDRoKGNf7Xib7sZkibu7MP0EICk+JAedA2sqcXx9LA0WsLAlALP
nRG7E7BEDkwLJMGi31VjyVmzpRg4l+4RdD3acqQzv9MUJSjAlBUbaq3SmPLeeQIn
uUxwQgQbKaBxUFzK6uVlXCcE742x5sNE8oVEc5qSw7d13zIqRWUSn3ZBS2ww6eQe
umi+A62MP6GZQ75wyyLSxxsniKfbO2gEfnWuwDCw0Y5UBKQ5wHsV3bgYX/f9bWO2
No7vzVmYkdy2GAX7c9zC5Lp0hU3pWhL6kNBupO24mponSDK+KL9SdKSlBi/u7EM9
bJ26aEx2sZLFZhxIPmVf11CUxLjFfH67gRzTiWGfcivitscwX+rAwiYlLM7PQ+2V
LkMjzKWP207xx5CwezxYJYVttby3imjahhjvt8sU1BN4LzakOXo=
=jXdM
-----END PGP SIGNATURE-----