-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 14 Nov 2025 20:44:29 +0100 Source: squid Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym Architecture: armel Version: 5.7-2+deb12u5 Distribution: bookworm Urgency: medium Maintainer: arm Build Daemon (arm-ubc-04) Changed-By: Bastien Roucariès Description: squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour) squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util Closes: 1117048 Changes: squid (5.7-2+deb12u5) bookworm; urgency=medium . * Non maintainer upload by LTS team * Fix CVE-2023-46728: Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. * Fix CVE-2025-59362 (Closes: #1117048) Squid mishandles ASN.1 encoding of long SNMP OIDs. * Remove Gopher support * Fix CVE-2024-45802: Disable ESI feature support. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This problem is fixed by changing the build configuration to specify the --disable-esi option. Checksums-Sha1: e0443421994aa9da98d73a835518fb5bff74e3d5 162632 squid-cgi-dbgsym_5.7-2+deb12u5_armel.deb 207bee81069078f6f71000c995b2f5b17390c8fc 157996 squid-cgi_5.7-2+deb12u5_armel.deb 1dae20430b3a9101afa7ef126922dce2bdccb742 21719952 squid-dbgsym_5.7-2+deb12u5_armel.deb ac579db80935fb72bb5b24e98102989d25ab0425 23913536 squid-openssl-dbgsym_5.7-2+deb12u5_armel.deb ee209afe0ed43fa872a1ed379d2774aa31ccbb45 2492836 squid-openssl_5.7-2+deb12u5_armel.deb 6b3fcb6f87d34fe82c1f6a362899e20320b499a4 88240 squid-purge-dbgsym_5.7-2+deb12u5_armel.deb a56e73a723c79ca5b9a8b3be2bfbc06ccd3ade6c 150840 squid-purge_5.7-2+deb12u5_armel.deb 63f399e9a03565833579cc62cb6ee83f28029097 10417 squid_5.7-2+deb12u5_armel-buildd.buildinfo 86bcb1294b05bc84419da87d77dc414de5a4747d 2359352 squid_5.7-2+deb12u5_armel.deb 81d6f2d78f62693840cf4f6da2adf2824baaa201 200200 squidclient-dbgsym_5.7-2+deb12u5_armel.deb 21ba6b693f924249e6259ad82a7b21241705c1c3 160252 squidclient_5.7-2+deb12u5_armel.deb Checksums-Sha256: 19f65084498f2680326ae544b273d9912493e76cb2ec80ca9215d7248dea235f 162632 squid-cgi-dbgsym_5.7-2+deb12u5_armel.deb bf98e67e7dfb428209be17da67e5cd699542812a83e3866c682874fbecf461bc 157996 squid-cgi_5.7-2+deb12u5_armel.deb 2505dc07da382c5e6718d1346515f65694fdf63a2d97fe2bfe4e9f48c4243cb8 21719952 squid-dbgsym_5.7-2+deb12u5_armel.deb 527739e7d6fac4b53f3cace0e849052bbe2961b07d054a5971fc4335fa2e26cb 23913536 squid-openssl-dbgsym_5.7-2+deb12u5_armel.deb abe4ab996d07273f7960f016844cffaca4d273aa78c69a61765d5363be6e480a 2492836 squid-openssl_5.7-2+deb12u5_armel.deb 8ce2d263f44fcbc998023415747e99e0b46d203e61eee685f4ea1da31fcf7163 88240 squid-purge-dbgsym_5.7-2+deb12u5_armel.deb ba43c549586f5453b38a513bb3b413c43a105e55ad2ec82248658a00bd70bb02 150840 squid-purge_5.7-2+deb12u5_armel.deb 7b1079135ea9bd152729f53f95ce2358b4a8d8efbdd275679d5782057b9d2f16 10417 squid_5.7-2+deb12u5_armel-buildd.buildinfo 92ac1261915889099334ede2f45bc829ec82dbb1bb6166f455ebfcce3111e4f5 2359352 squid_5.7-2+deb12u5_armel.deb 1057b2e26722501816f016a0c9f14a321704f15bca2e6a9515afe35d98844dd9 200200 squidclient-dbgsym_5.7-2+deb12u5_armel.deb 55eb4f0831e65c5d734f46d1d15ef28e3b87a1b53b3949643fa38e25040f7a53 160252 squidclient_5.7-2+deb12u5_armel.deb Files: 08ea31a92ce53a8c1cbc7a4019e21ec3 162632 debug optional squid-cgi-dbgsym_5.7-2+deb12u5_armel.deb fc69a0ebe0f82ac01f8c8c8f6b03204a 157996 web optional squid-cgi_5.7-2+deb12u5_armel.deb cbf77898037b95da017783798c5441c5 21719952 debug optional squid-dbgsym_5.7-2+deb12u5_armel.deb 4d7605f4d78a917404dd36d50a0cd10d 23913536 debug optional squid-openssl-dbgsym_5.7-2+deb12u5_armel.deb d4b4fa2f32019cd665dc337ca18e1cf6 2492836 web optional squid-openssl_5.7-2+deb12u5_armel.deb 99f4037057e828cf5d39ae64dae3c832 88240 debug optional squid-purge-dbgsym_5.7-2+deb12u5_armel.deb 42f2ada307d1fa6666bf0a1f2bc266b4 150840 web optional squid-purge_5.7-2+deb12u5_armel.deb 885d7c94a7d52b49d5dc76afcf0c955a 10417 web optional squid_5.7-2+deb12u5_armel-buildd.buildinfo 7fb31d73a5897f3017a560f3f497ae3d 2359352 web optional squid_5.7-2+deb12u5_armel.deb 1574f736859bed986a141491a4baa066 200200 debug optional squidclient-dbgsym_5.7-2+deb12u5_armel.deb 391d05feab35bd90aec850751f27d37f 160252 web optional squidclient_5.7-2+deb12u5_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEUPFH3FhY8nQZGtLwVLd4YzMSDKEFAmk1vkMACgkQVLd4YzMS DKHW5w//TMo8tSgkCoJ4drZwJOeRHjoaP7lmLc3invyt1wODdeNPKAySiNOLOxOm +y8r2g11ZYAAuVE1gL6A/DT2sCkrrhbV3GO7sEIGluTnKqvpv8SOxZfz0KASsWfI UydsyHyv9C/fhUci+zupccbz3g+UTXG212xuYTBRQgKMYico5DqvuHv/rS5POt2H qEMHR0LTqZcBoCbHZKb1wXT7UCc4Xewlp1Mpyl/GaSe4y9ltgCvBYifQNnU9I41Y d3PNXptLzHl+IUfu1RELo1Ovupm5sQzfFFTJX7GoWuzuWl0gGE6EBx7mF7OHBGBS +Xy+uy8LKlNg4ywr4NBbJyahgM/O0AhQGVVHJu6jVkWO8oPl89X7wfuVFGavIi4f 09043srqOM3qWb5eyGR1iOS+Bx7iNO6qN9a3bnmjTZzfU/7gkmVgsAU0gA/JFcYM 83eL56M9yGCUQg6j7nZxyNxWr4gZet0cXRcnFVbimtdotu8viZwDKT/+GrJNIa4g /YVKtxFBj+8X0MngFmBCzWL4ut5aB5ahwVKYNeEwDGJtXQ5YOgogi1dZa61eMpc8 N+yX7z5YeDnAFPrD71w/T03Fk6XiFmQ0Tx251sJb4WFrNuJBr7x3M2Zae+wDyO+9 CaqaB1rP1KxgvFnXq35UxeGPkClrO1uh/nxv+Fa2gRobGDlHFwA= =VBi5 -----END PGP SIGNATURE-----