-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 14 Nov 2025 20:44:29 +0100 Source: squid Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym Architecture: i386 Version: 5.7-2+deb12u5 Distribution: bookworm Urgency: medium Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) Changed-By: Bastien Roucariès Description: squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour) squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util Closes: 1117048 Changes: squid (5.7-2+deb12u5) bookworm; urgency=medium . * Non maintainer upload by LTS team * Fix CVE-2023-46728: Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. * Fix CVE-2025-59362 (Closes: #1117048) Squid mishandles ASN.1 encoding of long SNMP OIDs. * Remove Gopher support * Fix CVE-2024-45802: Disable ESI feature support. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This problem is fixed by changing the build configuration to specify the --disable-esi option. Checksums-Sha1: a1b4f692ce629a8daf48ffcb7ed00342f0e95742 154588 squid-cgi-dbgsym_5.7-2+deb12u5_i386.deb 5fdd08b028158dcdf84332dc645489b28f2d74ab 165056 squid-cgi_5.7-2+deb12u5_i386.deb a9ae6d6e3f04815e5602bf5a8eb722ea0c45ed36 20886412 squid-dbgsym_5.7-2+deb12u5_i386.deb 37cd8ea437f2e4dfef4d5cf533e3a1f7f89b12d6 23073196 squid-openssl-dbgsym_5.7-2+deb12u5_i386.deb 83a96eae058a2c62897e44c5e0e1b31ab0b93f77 2916996 squid-openssl_5.7-2+deb12u5_i386.deb b67f70615f7cf7acad7c4b19f4385bfe45cc18cf 83224 squid-purge-dbgsym_5.7-2+deb12u5_i386.deb f16417bc7dd64f846fdb9d5c2bc4d7ed13169ead 154248 squid-purge_5.7-2+deb12u5_i386.deb 22d43935e2363774a281a32db5b928b96026de8f 10476 squid_5.7-2+deb12u5_i386-buildd.buildinfo 26f90635112fe322bf553229ff95c32f630c2497 2747244 squid_5.7-2+deb12u5_i386.deb ba6d05b3e97bd2107e88d0b06b7219d39918f7ef 189128 squidclient-dbgsym_5.7-2+deb12u5_i386.deb b9160a52bc8ad2ee203e2ec505b6329e635e0112 167420 squidclient_5.7-2+deb12u5_i386.deb Checksums-Sha256: a876555b061372bf0f8e6227acdc6890b4e1076207b7fe2f82b97e65dcff1529 154588 squid-cgi-dbgsym_5.7-2+deb12u5_i386.deb ff9b3268328e2ba264d58fecc8937bd321c8125c8d1ad028e2dc4111410277b6 165056 squid-cgi_5.7-2+deb12u5_i386.deb 8b949f9c376b721a3e82411ef1c2db74d735867f340c7203a3a4539db64c5bb8 20886412 squid-dbgsym_5.7-2+deb12u5_i386.deb 6556f84a6dc4c3b4746d2873e6ce9fd2385429d0d459d5039fda5a25ea33b7d1 23073196 squid-openssl-dbgsym_5.7-2+deb12u5_i386.deb d13ff8a6272bff6416f311e20a02cad8e05ff2eb84c2a3d1dd9e52cac4c3bda8 2916996 squid-openssl_5.7-2+deb12u5_i386.deb bbb6b0e9916f5ed9bf61e1ed46d5893985f408a4a2e7aec81209e92a53b25d26 83224 squid-purge-dbgsym_5.7-2+deb12u5_i386.deb a6927dc4d8ab7e8c3b092100a496c915c4494b2d6a1415e1fc168b7b1c285c07 154248 squid-purge_5.7-2+deb12u5_i386.deb 4c0dc5349202c06ddf5fb9e16ed02f31629c2719d897bc5eefbe69a9c128681f 10476 squid_5.7-2+deb12u5_i386-buildd.buildinfo f9f66d6d800018511375b4ad777f5e06be87c156d7cb97374f88b2b4c7fa7679 2747244 squid_5.7-2+deb12u5_i386.deb f615496200ef771eb3a942986639021d978eaf1b41bedeb410147259ff34ed4e 189128 squidclient-dbgsym_5.7-2+deb12u5_i386.deb 0afc2542513e177b59f135b9de8a89c2a3a0b3d6ff8a13cfecb18aa7486d57a2 167420 squidclient_5.7-2+deb12u5_i386.deb Files: dacb56af1392ede9d815f88fcaec02c7 154588 debug optional squid-cgi-dbgsym_5.7-2+deb12u5_i386.deb f91898c394dc923676528535b066cff9 165056 web optional squid-cgi_5.7-2+deb12u5_i386.deb 71e2cc7211fb3609082c88245de32823 20886412 debug optional squid-dbgsym_5.7-2+deb12u5_i386.deb 0106aeb57873f9ff0680de24617008d1 23073196 debug optional squid-openssl-dbgsym_5.7-2+deb12u5_i386.deb ad42dda289cf9c0d90470a8d50219023 2916996 web optional squid-openssl_5.7-2+deb12u5_i386.deb 62786d11f0c4b7421692e1dd0724b4bb 83224 debug optional squid-purge-dbgsym_5.7-2+deb12u5_i386.deb 3512211b31580632d78a5daa250d306a 154248 web optional squid-purge_5.7-2+deb12u5_i386.deb 9a2f95b1dcae659adcce26f52f42f9be 10476 web optional squid_5.7-2+deb12u5_i386-buildd.buildinfo a1340139aa40b6c3f056fb02b49a6bf8 2747244 web optional squid_5.7-2+deb12u5_i386.deb 52467d91d8118a1ed02cd77c9ff34dc7 189128 debug optional squidclient-dbgsym_5.7-2+deb12u5_i386.deb 199bf0959fcf8df84dd4fc50c75f5f3e 167420 web optional squidclient_5.7-2+deb12u5_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErwLLVsiCiGZggzpHJuP6X4A0XeIFAmk1wd8ACgkQJuP6X4A0 XeLYThAAsNPpSxAg2Z8f5MDOazvBiskJIYmlJRdwnvz8jHVdLw6/MMu84wj9TCz7 Q6CMKiXJIjIKk7O5BjujHIuv2Ly0y7xcvGhYjkdIoOU93KoiVXgt84xmRZsa9Mbt 3xVBvt29tC7klBfubBCB2Kvh+4PCBX2K+i6MdnCAWV7qOWwOafE8iDOjPF8FiYic /nZsAPGhttX4+dwSxna4ZalmtZuTovtUmKj7+P+169EiAVo0p+aoL0m51G4zPsiA 6UAfhNWkIL/awy4loure5DMc2ggQwzOd3yPErFvPR5LnauqeM63TwLoGD8nAfOto foofcz7/HMPvUB2Unc+7xdeRQpEgjJ+1R/y7ZZZIWoibOYwZbZwD7SPelDvShR5z 1mk/XNkvyNLiv8zEws7tQna29de7+1oPudVrs4eAqrKBkDhEQLD7gdQsWQIOys1H hvmdD0dYYGUavLvJ9hLNgk6u7AnvSBC2/xbRkrFcjkKCIZeDKY3+WfUc/5oBwg0Y NuE7qxBeogwxVG2qcRvx6GaFFoiQWP46qUuPcftrZba5FZcDObyvxVdOj4kCN4Dz EY7hp1YEJNUc7cWwSWx1dGc4VIgjEZyFJzXpxcHZbUUZO20Bz/8y363l2mwbkKbd XwX2YbnxBIUZxRQ7yCi6ECVNLh6B6JRt1j9ugm+fSxS7SDaSdwU= =6IOP -----END PGP SIGNATURE-----