-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 14 Nov 2025 20:44:29 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: armhf
Version: 5.7-2+deb12u5
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-05) <buildd_arm64-arm-ubc-05@buildd.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 squid      - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi  - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Closes: 1117048
Changes:
 squid (5.7-2+deb12u5) bookworm; urgency=medium
 .
   * Non maintainer upload by LTS team
   * Fix CVE-2023-46728:
     Due to a NULL pointer dereference bug Squid is vulnerable
     to a Denial of Service attack against Squid's Gopher gateway.
   * Fix CVE-2025-59362 (Closes: #1117048)
     Squid mishandles ASN.1 encoding of long SNMP OIDs.
   * Remove Gopher support
   * Fix CVE-2024-45802: Disable ESI feature support.
     Due to Input Validation, Premature Release of Resource During Expected
     Lifetime, and Missing Release of Resource after Effective Lifetime bugs,
     Squid is vulnerable to Denial of Service attacks by a trusted server
     against all clients using the proxy. This problem is fixed by changing
     the build configuration to specify the --disable-esi option.
Checksums-Sha1:
 2768be0be2e392427c11cc1f0585098cdaaddfbd 162584 squid-cgi-dbgsym_5.7-2+deb12u5_armhf.deb
 f68dbe82f3f618a2a00eeffbced2f3e504edd7cf 158260 squid-cgi_5.7-2+deb12u5_armhf.deb
 42cc081f70d805abefc74b9a7666536165d5ce22 21715924 squid-dbgsym_5.7-2+deb12u5_armhf.deb
 5ae4a393172a75e5cbbaad3a3aa2a09f69f4a1e6 23894856 squid-openssl-dbgsym_5.7-2+deb12u5_armhf.deb
 4b3331e9e480c320731d1bb31d0ba546fbe247ea 2549116 squid-openssl_5.7-2+deb12u5_armhf.deb
 be30b7dac016fc97d8990c137b52f88667aea767 88528 squid-purge-dbgsym_5.7-2+deb12u5_armhf.deb
 1be908654a36f6e09fae4711e8105b5a18b4a511 150808 squid-purge_5.7-2+deb12u5_armhf.deb
 6a77db5b36cdfed0a657adf24f31e7b1f2f7e4f6 10419 squid_5.7-2+deb12u5_armhf-buildd.buildinfo
 787564fd50fe35661f54c367201b36d842f1f58e 2409452 squid_5.7-2+deb12u5_armhf.deb
 9a7b21e2b0f9c63d9d10b4121195b8bd25177c1c 201288 squidclient-dbgsym_5.7-2+deb12u5_armhf.deb
 fa85483220007ddfffee81e40c040717df91fb35 160548 squidclient_5.7-2+deb12u5_armhf.deb
Checksums-Sha256:
 c0817371625eda85171a82346c7d41a7ab12ade204b535875910d33e04920124 162584 squid-cgi-dbgsym_5.7-2+deb12u5_armhf.deb
 4b2bf55a684321425956a5ad974df742ba1d4273cea2f07f26c64ff8d641bd66 158260 squid-cgi_5.7-2+deb12u5_armhf.deb
 ded53df9e1404689253c2335d44a4c2eb7eedc10ad3412e54aa8cb2af99c8f9e 21715924 squid-dbgsym_5.7-2+deb12u5_armhf.deb
 5e9ed5e5d2dea490c7e01713cfc7c6b96f67873a3bfb384d964ec05bc33b7185 23894856 squid-openssl-dbgsym_5.7-2+deb12u5_armhf.deb
 216b0879c433bd231553a5b4f853ccacc102d744a1e3140f66de52add63a9cfc 2549116 squid-openssl_5.7-2+deb12u5_armhf.deb
 21385c85bfb2dc264aa3baae7c06727e52b2125c3de806fbedbe0dac0278471d 88528 squid-purge-dbgsym_5.7-2+deb12u5_armhf.deb
 982425ac6c1465c15b3d3803ba95bd458241142a55c66e915412f5c6468eb91e 150808 squid-purge_5.7-2+deb12u5_armhf.deb
 bb2f5199f454fda62040014c83fac5c183064d2a252740564bd4a8f94caab19d 10419 squid_5.7-2+deb12u5_armhf-buildd.buildinfo
 a00644658c1f88d0ff3157091ebadc7c5d18ea3f668f3b19d86c8dd986aa3490 2409452 squid_5.7-2+deb12u5_armhf.deb
 f4d162f831c2d6dd394832c4ebed9b69cedade7b7087fbd7090254f8096b72fe 201288 squidclient-dbgsym_5.7-2+deb12u5_armhf.deb
 a3492455eff642b9691a95f8474c1f8952b51da70cc18adf4567b05e945a1bf6 160548 squidclient_5.7-2+deb12u5_armhf.deb
Files:
 69aed1b2b87794a459b3d253852926eb 162584 debug optional squid-cgi-dbgsym_5.7-2+deb12u5_armhf.deb
 84ce037df18452cadb8769b000091c51 158260 web optional squid-cgi_5.7-2+deb12u5_armhf.deb
 b745416f2738e5f77cbed309338cf01a 21715924 debug optional squid-dbgsym_5.7-2+deb12u5_armhf.deb
 92a0c70d1a965e6eb4d3bfbe038221d5 23894856 debug optional squid-openssl-dbgsym_5.7-2+deb12u5_armhf.deb
 3d726bc2a5bfa3da8ada8d83dba0b584 2549116 web optional squid-openssl_5.7-2+deb12u5_armhf.deb
 c94324597eec8f86e4658e5d2aaf4b7b 88528 debug optional squid-purge-dbgsym_5.7-2+deb12u5_armhf.deb
 7d4b39508eeaa259718cf984ce4f2de7 150808 web optional squid-purge_5.7-2+deb12u5_armhf.deb
 8af6e1fc8cee8189f802bf435a6b9fea 10419 web optional squid_5.7-2+deb12u5_armhf-buildd.buildinfo
 8f74ac810ec8d05a8e20e96faaa98e56 2409452 web optional squid_5.7-2+deb12u5_armhf.deb
 7af1e72f8b66caae72453a045cc1c510 201288 debug optional squidclient-dbgsym_5.7-2+deb12u5_armhf.deb
 3e931d28c2563ef1a3f29bccb508450f 160548 web optional squidclient_5.7-2+deb12u5_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEiIG3Q3DxwDgRKKeyLRECdjCZQkcFAmk1vdsACgkQLRECdjCZ
QkeKWhAAgT9JxN+5szbacgG7QOK44zoAzhxJXf08Zv6UaBoAAHUXqGzKrZopZXgk
octZpjbAessejwOtoZlCS1ny59iR9bGYIlOBFFSZT85Qg77zv9cNZbcLgPrcBvcQ
HMYkWlgi/GGzz8UivOtcqKuJ9CDNS1WTaGY8zZha8ZQm4nfOOP6ka0Fxfs2F+sT7
9f7ZFvf8q8/1bkyjlEMKFvRrqt6vLJEzJatrFrGN0g5ssYT7optYYqn/Pg8nY97y
IryKa2DyzXmmtf8m8gEvAFaFNLBOyb9kthgKa8t++J5HMu/EsosgFdvREIEe7KZ/
vS079zv0sTFvig+A/oe7IyznDiKPvfvJLtaUbaBTIB+gJ2RFDvdZvkw8VsmglIg9
HFP2TAicza0Gx8YdQ+KRvg92Umbvt4dTQlLaYMaOmbFgUXQIGDSYCV0IrCCDoe2G
CZM9K0IhAVScrrndFeOZD6z6ZydjXFzruo3QwCXhAeo37VVLXF56rwekEyE1MC/6
yXYrvvF7To2Xwq23nTvf4ns/7KN2jcH3D0PjWBa8+DBzeVCy6TMvsLAa2WEY3NyV
R4u81y9JHtZLqiz29hrhlmd+IPm+Ehk02cS3pTVksG60jKuoP5/HYutsKWe8nSrT
IWzRYuE+MPerIVTHJTEw/H7eKwf7QzzAwVo/D+kqb3fQB5168KI=
=PLCk
-----END PGP SIGNATURE-----