-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 14 Nov 2025 20:44:29 +0100 Source: squid Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym Architecture: mipsel Version: 5.7-2+deb12u5 Distribution: bookworm Urgency: medium Maintainer: mipsel Build Daemon (mipsel-osuosl-04) Changed-By: Bastien Roucariès Description: squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour) squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util Closes: 1117048 Changes: squid (5.7-2+deb12u5) bookworm; urgency=medium . * Non maintainer upload by LTS team * Fix CVE-2023-46728: Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. * Fix CVE-2025-59362 (Closes: #1117048) Squid mishandles ASN.1 encoding of long SNMP OIDs. * Remove Gopher support * Fix CVE-2024-45802: Disable ESI feature support. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This problem is fixed by changing the build configuration to specify the --disable-esi option. Checksums-Sha1: 86fb3b3be87b46d077539892d158dfa919700d55 166084 squid-cgi-dbgsym_5.7-2+deb12u5_mipsel.deb 4d661eb6118f795e3c6b93a692812f0c9f941632 163788 squid-cgi_5.7-2+deb12u5_mipsel.deb b18585acdd775669299bda2bbe2e12af99740478 21888056 squid-dbgsym_5.7-2+deb12u5_mipsel.deb 7e7ffa2840ce73cbe0711ee06ef00a2c075c1f5e 24084808 squid-openssl-dbgsym_5.7-2+deb12u5_mipsel.deb 4fb552b29713406b07eac37c6088bd1c8683c8f9 2301140 squid-openssl_5.7-2+deb12u5_mipsel.deb 04a7141ea93e5dd7c44464f43e7f904a90021e73 88480 squid-purge-dbgsym_5.7-2+deb12u5_mipsel.deb 1a1901e879176fcdb7cfdba705398032b82f3429 153876 squid-purge_5.7-2+deb12u5_mipsel.deb 188661fedc777a9b070b59271b4dd417a6461555 10381 squid_5.7-2+deb12u5_mipsel-buildd.buildinfo 9404b7bb5627ded5ffe2fe365c123ff4af8fd47c 2173068 squid_5.7-2+deb12u5_mipsel.deb 068deb8d9edbf8bc7365ab2daa95262b2208e98e 200672 squidclient-dbgsym_5.7-2+deb12u5_mipsel.deb 18e7240d4234fdb4cba901473bdbec4cd98ba8fe 164656 squidclient_5.7-2+deb12u5_mipsel.deb Checksums-Sha256: 2c474fbe247ca7c2b9ecb14183ee0b4c34fdc0b69c0eacce292118500c1fa9ad 166084 squid-cgi-dbgsym_5.7-2+deb12u5_mipsel.deb db3bee7bad5dca8967730b9aa5f19008bf32aee6a1ab306a10284705af1b2e80 163788 squid-cgi_5.7-2+deb12u5_mipsel.deb 93e9e696b51717ec4593f9bf19a07afebeaee1eea22957bdbb0627c7ca249f48 21888056 squid-dbgsym_5.7-2+deb12u5_mipsel.deb f850ef9e253ad1f87fe6cd9ffba1590d0c8707085e6b11d52b1993cf2d265289 24084808 squid-openssl-dbgsym_5.7-2+deb12u5_mipsel.deb 394af29569cb6e32e969314d659e5fe11b56627ea0554b7ab9350fcd9ae9027e 2301140 squid-openssl_5.7-2+deb12u5_mipsel.deb 179660f78b1f394ec69b0679a640f5b83ff18511bace2c573a7c7dde38726a6e 88480 squid-purge-dbgsym_5.7-2+deb12u5_mipsel.deb 334da332c413071e76bd33ba8dc73727d63c40bc9a001bef3bdd3a4f5b4d8f76 153876 squid-purge_5.7-2+deb12u5_mipsel.deb f4a28e0b89faf3e53115b121dd42e7e083a680228c570e660334dd260b023a82 10381 squid_5.7-2+deb12u5_mipsel-buildd.buildinfo dd7090368eee7af5321339d82b77daf95b760c338d20fae5b1839f602e524f0f 2173068 squid_5.7-2+deb12u5_mipsel.deb eba8b089c62677b1e914487902629d0e2a049e98b24acebd8c56e8df99c38440 200672 squidclient-dbgsym_5.7-2+deb12u5_mipsel.deb 5c57820517f05e6375c28e80c1006765f31d7f7fffea355dd875686778d68ca5 164656 squidclient_5.7-2+deb12u5_mipsel.deb Files: ae0eb1a24923b947878a9614c4c031a9 166084 debug optional squid-cgi-dbgsym_5.7-2+deb12u5_mipsel.deb f164ef850e1bd491f23779f79ade497d 163788 web optional squid-cgi_5.7-2+deb12u5_mipsel.deb 073db919b9ffcd443a119a38f48ed8e7 21888056 debug optional squid-dbgsym_5.7-2+deb12u5_mipsel.deb 7a0a4a3ddb6881dd436c88fd9627a6e8 24084808 debug optional squid-openssl-dbgsym_5.7-2+deb12u5_mipsel.deb a5d0b37973b57829c25678e7229fd4c3 2301140 web optional squid-openssl_5.7-2+deb12u5_mipsel.deb b043fa6881d8b9fd5c0fc156715037ac 88480 debug optional squid-purge-dbgsym_5.7-2+deb12u5_mipsel.deb eaaedf71db6a10d19e6929f3cb8c3700 153876 web optional squid-purge_5.7-2+deb12u5_mipsel.deb 7f7a26883d99cdcc74d20e3a51c38667 10381 web optional squid_5.7-2+deb12u5_mipsel-buildd.buildinfo b768482dd2f07d8d4748cf377236ca61 2173068 web optional squid_5.7-2+deb12u5_mipsel.deb 0d8ea90a547eb8fa791122b1cceeb669 200672 debug optional squidclient-dbgsym_5.7-2+deb12u5_mipsel.deb dcb4dbbf838e01731ac74a176d1d69de 164656 web optional squidclient_5.7-2+deb12u5_mipsel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEyYUQCyzsgu940OiVpwP2OD8jZaoFAmk1zN4ACgkQpwP2OD8j Zap/2Q/+LYRchMj3dh/W6mehqBZtCqrcEXtPR6HRP3YZ7EDNdn6cr7GGsHzKCCyU uExlwQluqHFJz8u6giFGCjzqb/X1l/yrwSyQV9dYOIVcrd67iYfWeYS+WZ+VKijU RH8Fr9gZsM6W1y+50i+OKII3vNbE5SkjwNQsvp8hCEgTDXHugZs+JgYI0p29VKRY pN+kKDO18bvDSn050Rbt+E9clgC4TUh9Jd6KWI6zZBEbW3EdYwxnbgIWjeafDSHn VWDHO50t1t6KuLrtR8iNLJ/mQjKRu3AYMOoo5S5SA3hE729gToPEngoy8SXiRKWr HutBbzNwkH2DyLrljHIx57fAH11eUQhZfKSO95wU1kgxMlEwwi3n/Ryzgt8e2GJK D32AQJjFqz0b4eVZXZr5CdEi120nwXR7S+CHFxQGgxqhMYG6XcanBHXhzcZJDiB/ h0pMS4Fc3aI+/AKgonOkx+B+vfpDGWx5P/yZXr5FXPA90cYTD6ht7DsXYsDX2vHs eYV3+PLESGd9Tp9ur9JtIFzPcEO78ZMLwdaqXCGlrrU1uZXGShgx1mCQLyk07JQV rGDTaKhZoXTYR7nIZpmuR93RqoYVZ7rHmzpwrQd1itUVA+m7217L6zpQnQCFQsnO ZnfPzsJMEF4GmofCobFbr9Sq9ePNwW9ifxgAFIQ9Q0grkkC3xyo= =9j0y -----END PGP SIGNATURE-----