-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Mar 2024 20:52:04 +0100
Source: squid
Binary: squid-common
Architecture: all
Version: 4.13-10+deb11u3
Distribution: bullseye-security
Urgency: high
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 squid-common - Full featured Web Proxy cache (HTTP proxy) - common files
Changes:
 squid (4.13-10+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847 CVE-2023-49285,
     CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25617.
   * Several security vulnerabilities have been discovered in Squid, a full
     featured web proxy cache. Due to programming errors in Squid's HTTP request
     parsing, remote attackers may be able to execute a denial of service attack
     by sending large X-Forwarded-For header or trigger a stack buffer overflow
     while performing HTTP Digest authentication. Other issues facilitate
     request smuggling past a firewall or a denial of service against Squid's
     Helper process management.
     In regard to CVE-2023-46728: Please note that support for the Gopher
     protocol has simply been removed in future Squid versions. There are no
     plans by the upstream developers of Squid to fix this issue. We recommend
     to reject all Gopher URL requests instead.
Checksums-Sha1:
 2a38dfcd2a74a9d84c20fccb7720d5bf68d17e4a 315284 squid-common_4.13-10+deb11u3_all.deb
 fef172c1dcacda26766cf962ef3bd712b2469e54 8178 squid_4.13-10+deb11u3_all-buildd.buildinfo
Checksums-Sha256:
 5551be5d62a9ad48a8e3a020cf86184e1db7952e1bef895c3788e191713593cf 315284 squid-common_4.13-10+deb11u3_all.deb
 2eb022d0936f8b0a367beb652d9914b3e327dfc24c06e40a05782add1b8bc2fe 8178 squid_4.13-10+deb11u3_all-buildd.buildinfo
Files:
 be5fb5348970229b0d8e508c57d9d6e4 315284 web optional squid-common_4.13-10+deb11u3_all.deb
 3cad4447be1d518eca4b1ee4b64544f3 8178 web optional squid_4.13-10+deb11u3_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtzb3SVunlrB0F8t8ExOkVqF4GXMFAmXqSc0ACgkQExOkVqF4
GXPeqRAAuujfIrK02A7V9PtuQ+gmNfeP69huNjCjeZpIkcZFnu5fDgpeLIEUX4Xu
Hf0b+FCgSorRpDWNzYWgjLyrkS2POdnw0vIE2d1Lj4gF89ywp7HskmEHexH8zK4t
TaDgXnUC9wn3+yGYzmUgw/FybUx2UlHWloaUJjoJ3zTAw1y1iIBgnBh/bwt51AmL
2pZvmYzwEttYfIalvNUUqySclaG15L+9beQWY73Fi16WblWgpIuwFFclZhCA6/tj
rPQrcZy/kQTRcx3IHTeZCBmhqJcGHoHl/0mDr2bmB2ET3ADEe0YC2e1soGVvooLw
ynMG57pdRwvOb1F8ELr1hkJ8XM4QWQaObxgJ/0HJU+p3j+lCsZNFo+eqfjWt1p4J
McVBcOpt/COKOP1UE57csngBzX1tsiYS5FjPs0wY+KlGdiDRtYfpzki3fl8W8hTT
oDa+HhaMi62dEk7dnzhC20dwFhNmBRlQwfTCaQFlUH5HVCVZpN1HgsaWB3MRw7oa
vThKG1R7QMk+CIXXvSzZpQ1yKMG8v5jCwFbErSDoz6ku2MC2peTqU0zllEf6+cbh
lK9T6GShoN5lqVOy0QDq5lSpyEsfDtA88/1vZCOAaHkhoaOYS59AAmWoKHYMuwPC
3JpJ3WW2rKwg9QXk0W/QdtnVWLiAzaYaUe/4/HoHSG9qOcTsRDk=
=Jsys
-----END PGP SIGNATURE-----