-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Mar 2024 20:52:04 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: armhf
Version: 4.13-10+deb11u3
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-arm-04)
Changed-By: Markus Koschany
Description:
 squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (4.13-10+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-49285,
     CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP
     request parsing, remote attackers may be able to execute a denial of
     service attack by sending a large X-Forwarded-For header or trigger a
     stack buffer overflow while performing HTTP Digest authentication.
     Other issues facilitate request smuggling past a firewall or a denial
     of service against Squid's Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are
     no plans by the upstream developers of Squid to fix this issue. We
     recommend rejecting all Gopher URL requests instead.