-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 05 Mar 2024 23:14:44 +0100
Source: squid
Binary: squid-common
Architecture: all
Version: 5.7-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 squid-common - Full featured Web Proxy cache (HTTP proxy) - common files
Changes:
 squid (5.7-2+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848,
     CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638,
     CVE-2024-25111, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP request
     parsing, remote attackers may be able to execute a denial of service attack
     by sending large X-Forwarded-For header or trigger a stack buffer overflow
     while performing HTTP Digest authentication. Other issues facilitate
     request smuggling past a firewall or a denial of service against Squid's
     Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We recommend
     to reject all Gopher URL requests instead.
Checksums-Sha1:
 688ffa9faf7c1f4845e64f54fac582e901d699f6 314384 squid-common_5.7-2+deb12u1_all.deb
 5bc38cbd6bc597e7c34eec278476270f4b9197d9 7630 squid_5.7-2+deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 19800b4b3b8619ae593643444ad563c972985eb2cad3ef39da6705c4cab55fdd 314384 squid-common_5.7-2+deb12u1_all.deb
 c6e770b5eb401e1ae5121fe9eb48adfe722a46846b7cd297bdab264f740b5b08 7630 squid_5.7-2+deb12u1_all-buildd.buildinfo
Files:
 e883916dcb5818e1b5fe8d3e357375c8 314384 web optional squid-common_5.7-2+deb12u1_all.deb
 b9da596651373f3b2e825833349185e4 7630 web optional squid_5.7-2+deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzW1K1578DQd6MDTQEbLkkg2OS0oFAmXntfcACgkQEbLkkg2O
S0q1qRAAu+vMusFBfRIklE+kefXDIlaxI50BFriwChtrQgBQqT669R9/SH08+0PQ
mWDt3SADGvngWOAZyz/uupoXIvmpmDvwTpVJbsbXtCmj8rlL/3cjRnba5vQS4fWi
iyXwBxpfYtO3feQFDhggiVA6L2rRgOwRt8HQVZcsj/bayNTlM/nbLZ/uK8dUJG4L
KaKfmTaZlvbXBcmIQBbrU0hn5UUSbTAbtDhP43AI1eW8uuOC8Lnj/UbdVLR7aOXx
dKPAYl0VAjz/4qEmX4o2uEaRSFbwacM00Ny6flU8ibJ/l4CWQEthe2luR5xG/Q3d
BbQ631G1+CWAKVkr6ClPSuT+BZqZ7aKN6K2o3zBW0IAm3mZ9fBBvWdQIGP73RrZn
8HqrzywDEx/ao2X9fv70fh6d+KIyrB9lcFPHcOv1Y+pup63/rWR2MtOpFiar0kyV
aLXEcffLfYPlLA5UHJ2kTC522T5FA010ekG28vG+aIhtWGYtcTGPlFPkVm2+4zFo
EvvMoGYbBsXTQGGnhvv3Kb2FhVXq33BycMgTEDOUUrS2z9k6L84ktgZwRSUPFcCe
fxPCbZNluGWoZJ8SUqtaLIq1A8ip4RPzCCLhTMqTt6XrwJeqwiJTL/o+pK8zFQnU
4+EEczL0v4WQJhXFpdLaeKwxqTVsrH/IDMaphSdmPN6XB5niaeM=
=LGzA
-----END PGP SIGNATURE-----