-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 05 Mar 2024 23:14:44 +0100
Source: squid
Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym
Architecture: s390x
Version: 5.7-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: s390x Build Daemon (zani) <buildd_s390x-zani@buildd.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 squid      - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour)
 squid-cgi  - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour)
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti
 squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util
Changes:
 squid (5.7-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848,
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25111, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP request
     parsing, remote attackers may be able to execute a denial of service attack
     by sending large X-Forwarded-For header or trigger a stack buffer overflow
     while performing HTTP Digest authentication. Other issues facilitate
     request smuggling past a firewall or a denial of service against Squid's
     Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We recommend
     to reject all Gopher URL requests instead.
Checksums-Sha1:
 3b1b86f2958f4e45a10d8b8581dc796fb43637df 165308 squid-cgi-dbgsym_5.7-2+deb12u1_s390x.deb
 82d6190a439fd877bf705de5d877f5ec7bfb926b 160096 squid-cgi_5.7-2+deb12u1_s390x.deb
 bc29116fa2fdf73f76f0b26d872a785909f01856 23517988 squid-dbgsym_5.7-2+deb12u1_s390x.deb
 f1c13eaa4c85556d3f9af5122b33f9ea94653220 25799932 squid-openssl-dbgsym_5.7-2+deb12u1_s390x.deb
 29ce03403460d5481bddfe355b241de29cddcfdc 2672700 squid-openssl_5.7-2+deb12u1_s390x.deb
 7db37cda7362afa8cb8147bfc76387d74c96a8ab 87696 squid-purge-dbgsym_5.7-2+deb12u1_s390x.deb
 93cca9faa807f1209b4ba61eb78aecc1326cd712 151236 squid-purge_5.7-2+deb12u1_s390x.deb
 42888ebc6f9c2fdce5a2f6b4a046b6d820b5f208 10183 squid_5.7-2+deb12u1_s390x-buildd.buildinfo
 510f9f2cfed4d287e03ba06bef335f0261e825eb 2524948 squid_5.7-2+deb12u1_s390x.deb
 1f1fb39e773a4a6b0592e02b6b14f483add9f47d 202936 squidclient-dbgsym_5.7-2+deb12u1_s390x.deb
 72b8204fa8ecba6752754f490c6e7eda8df6d12a 161928 squidclient_5.7-2+deb12u1_s390x.deb
Checksums-Sha256:
 6e05569bd01e6edf962bb7c39d9f946eb23e77f1b808d45f104e1a98bb7caa4a 165308 squid-cgi-dbgsym_5.7-2+deb12u1_s390x.deb
 e531f659c547fb671ef9ab50c0267ba620f3bdd3b2a2495e10fba91846b9ea83 160096 squid-cgi_5.7-2+deb12u1_s390x.deb
 d902ee56a4130c5fa4499985383a44dce3d4a3209ab4c3b55e9d2da95ab3fe20 23517988 squid-dbgsym_5.7-2+deb12u1_s390x.deb
 8d63fc90202b4dcba29a960d079bb8def4f96f56a88535c2f30d8110b8124111 25799932 squid-openssl-dbgsym_5.7-2+deb12u1_s390x.deb
 b3ec9dbea089328c4aea288c78e016de23b75df2b7c089713443dbe20e6b9b43 2672700 squid-openssl_5.7-2+deb12u1_s390x.deb
 5590265fee353a41a3afcbb095e138023dd9f6a68905356d00fd53d2acf395cc 87696 squid-purge-dbgsym_5.7-2+deb12u1_s390x.deb
 aee2eed57f63b098f1b90d40e5f4a0d0e364670f1bc6723aa6a5324270bcf830 151236 squid-purge_5.7-2+deb12u1_s390x.deb
 aaffc705b317702a4d6f2f928914e0fc606e7197c79eb418886efb14cd4c2987 10183 squid_5.7-2+deb12u1_s390x-buildd.buildinfo
 3ccbdac96815ecc164728fdcd619d473a9ea16f8121dd490b2f0498635716642 2524948 squid_5.7-2+deb12u1_s390x.deb
 3be292ede9ab3790fe2a8443e9446b31d66f060ad481426feba9f97c494dc5a2 202936 squidclient-dbgsym_5.7-2+deb12u1_s390x.deb
 c2dd60607501f144dfb0158927d0b9314fc197081a917bae43d46375725b7342 161928 squidclient_5.7-2+deb12u1_s390x.deb
Files:
 7dbcc2bc1f871d7fa8480d03105dabcf 165308 debug optional squid-cgi-dbgsym_5.7-2+deb12u1_s390x.deb
 1f54138e5148db27e8e9f9608fa54c8f 160096 web optional squid-cgi_5.7-2+deb12u1_s390x.deb
 70c8a99f6534d6001f52f23ef721afba 23517988 debug optional squid-dbgsym_5.7-2+deb12u1_s390x.deb
 2077e3d4f263c9b7ead62ed5a654a1d1 25799932 debug optional squid-openssl-dbgsym_5.7-2+deb12u1_s390x.deb
 aa6cb7c702f10bddb724bde5990b8340 2672700 web optional squid-openssl_5.7-2+deb12u1_s390x.deb
 103f43765c6f41e2832d627a4995fb27 87696 debug optional squid-purge-dbgsym_5.7-2+deb12u1_s390x.deb
 d3cf3be54bbc01792a3b3dce67ab699b 151236 web optional squid-purge_5.7-2+deb12u1_s390x.deb
 9e58890255dfc158b9037f6836488f84 10183 web optional squid_5.7-2+deb12u1_s390x-buildd.buildinfo
 c7f2fcd88cfecf1c1519df87899af31d 2524948 web optional squid_5.7-2+deb12u1_s390x.deb
 b1690b77a2d3cba6b92fa58a18f4f537 202936 debug optional squidclient-dbgsym_5.7-2+deb12u1_s390x.deb
 44454f53d4957771abd5ea3c48bb4f28 161928 web optional squidclient_5.7-2+deb12u1_s390x.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETdQgQHyJW2hcXsTC6b+AMjGgQHgFAmXntf0ACgkQ6b+AMjGg
QHhfHxAAkuH62D5oXSTjBJ5XErYU8FXX6lZZ86DChy+VRYFWsZjPQEsMldstAVf0
FoalI/zbdfZArfiCsfMJo3SMF9hcnxcTmBZrohci+GiLmWabpI7/18D/fTxKAsDv
rRwsiZS1uDrhXOrV9+uv7hkP3Eu4czLbqsMy79YAWUdUkNe6zV8jUVhacygHqQJU
xV72pHygWdJcaHMqtmmwEhhfLQvVUWR8XbYBHPrhuqw8tclN8A5mANa+/UDovPIy
gEZi/C5M4wwQvpRuKoRHbUjhYAZbxzp4HSVrOTFQyW74eXlbbS6VP1D5HQhlDEZL
0Kr0Q93M9lPEW1IFLxrfaFVBPc94fFniHvXQ2jE6Sf3jw1SaGcy7kepTPEdbz7+q
urYHKQp863HDdig4/A+66wyvs51U+AFCq0s1kv3qYxZjsdQ8JlhzOMxejO9/B1VQ
xJkx7RZ/wDyWkqVrSOHXoeMLioGoC/BLOnS76+fFVwnjaMGVWWS09a52V8edendI
QujJ78a17Gm5w7WXoBz9m0zBF+wOqmB9hT6GiPKZ2RvxQGuj9YGz8MMJKByHjhlA
LpzHbQ+xHovewpvtFHJkBF4ZLol8a/qdaoCPTLocZo6N7VXlBYMmFW9uzTXJBKQE
rcDB9FGXDaPuYCbQ6CZfpPm44B2v6az3Pg4IeolFdR8Y1MzxAfU=
=8ZiK
-----END PGP SIGNATURE-----