-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Mar 2024 20:52:04 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: armel
Version: 4.13-10+deb11u3
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-02)
Changed-By: Markus Koschany
Description:
 squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (4.13-10+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP
     request parsing, remote attackers may be able to execute a denial of
     service attack by sending large X-Forwarded-For header or trigger a
     stack buffer overflow while performing HTTP Digest authentication.
     Other issues facilitate request smuggling past a firewall or a denial
     of service against Squid's Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We
     recommend to reject all Gopher URL requests instead.