Back to squid3 PTS page

Accepted squid3 3.4.8-6+deb8u3 (source all amd64) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted squid3 3.4.8-6+deb8u3 (source all amd64) into proposed-updates->stable-new, proposed-updates
From: Santiago Ruano Rincón <santiagorr@riseup.net>
Date: Sun, 24 Jul 2016 19:03:08 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1bROg8-0006se-DF@franck.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 13 May 2016 08:09:16 +0200
Source: squid3
Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi squid-purge
Architecture: source all amd64
Version: 3.4.8-6+deb8u3
Distribution: jessie-security
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Santiago Ruano Rincón <santiagorr@riseup.net>
Description:
 squid-cgi  - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - control utility
 squid3     - Full featured Web Proxy cache (HTTP proxy)
 squid3-common - Full featured Web Proxy cache (HTTP proxy) - common files
 squid3-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols
 squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility
Changes:
 squid3 (3.4.8-6+deb8u3) jessie-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2016-4051: Buffer overflow in cachemgr.cgi.
   * Fix CVE-2016-4052: Multiple stack-based buffer overflows by wrongly
     handling Edge Side Includes (ESI) responses.
   * Fix CVE-2016-4053: Public information disclosure of the server stack
     layout when processing ESI responses.
   * Fix CVE-2016-4054: Remote code execution when processing ESI responses.
   * Fix CVE-2016-4553: Cache Poisoning issue in HTTP Request handling.
   * Fix CVE-2016-4554: Header Smuggling issue in HTTP Request processing.
   * Fix CVE-2016-4555 and CVE-2016-4556: Denial of Service when
     processing ESI responses.
   * debian/rules: include /usr/share/cdbs/1/rules/autoreconf.mk, needed by
     CVE-2016-4051 fix.
   * debian/control: Add Build-depend on dh-autoreconf
Checksums-Sha1:
 f11d28995403de264408781762ee460a88595713 2314 squid3_3.4.8-6+deb8u3.dsc
 aaa5bf777857f0397fc7483bcab794d4792e3602 38292 squid3_3.4.8-6+deb8u3.debian.tar.xz
 55b74b22740e05f3eb2786bd702bb4caa0f05a76 258614 squid3-common_3.4.8-6+deb8u3_all.deb
 54de1bcf23a2c9167acf3a5bff034ef2efe1441a 2068944 squid3_3.4.8-6+deb8u3_amd64.deb
 47d5ecf87d08541aa66f73d67887c9f7d2aaac02 8625316 squid3-dbg_3.4.8-6+deb8u3_amd64.deb
 f82417b42379cc9434b43e6c193aa59df9515487 141394 squidclient_3.4.8-6+deb8u3_amd64.deb
 3f75d7b3a2fbcf1cc19f7bc63f2dcd77ac6b4cb1 146710 squid-cgi_3.4.8-6+deb8u3_amd64.deb
 c41cb1030cfef59298169636e7af11724d60d09c 139128 squid-purge_3.4.8-6+deb8u3_amd64.deb
Checksums-Sha256:
 a88d455811f358543692cc5167771b60e6be77d89935a5bfb36926b15655287c 2314 squid3_3.4.8-6+deb8u3.dsc
 b52daf4b74c692be2ae2721e77913f6d18e9919fd37452e9ec92fbc11ffbf983 38292 squid3_3.4.8-6+deb8u3.debian.tar.xz
 54c9cc402cbeb152e60e27cf68141312c979e283d3b8a8c64a6d7891ca5642fb 258614 squid3-common_3.4.8-6+deb8u3_all.deb
 57573b36f7791327c5f77304146a8fef02cd15eb2bff50823346608f81e68755 2068944 squid3_3.4.8-6+deb8u3_amd64.deb
 ad4bf7c39a1c36d5567d03599313e47a2d41046c540b1586f650d708d948ac10 8625316 squid3-dbg_3.4.8-6+deb8u3_amd64.deb
 892c0c0445d07866adbcd1ee4bec95dde7a575150480e028ba2808603f520acf 141394 squidclient_3.4.8-6+deb8u3_amd64.deb
 20f11f0f85190d90d0d8eb95ededa7375e42db965c8f36e2769702fa75549c13 146710 squid-cgi_3.4.8-6+deb8u3_amd64.deb
 3ee29aef20147b3865c1ba79995968c14a8a84799f4eb0e885c1ec82ef67312c 139128 squid-purge_3.4.8-6+deb8u3_amd64.deb
Files:
 9c6a2bcdfd9497d8ddf4c46c11bec549 2314 web optional squid3_3.4.8-6+deb8u3.dsc
 de76e429fbc4179c2f59cc1f8bdf6440 38292 web optional squid3_3.4.8-6+deb8u3.debian.tar.xz
 891d9f2cf4d16d2777ff49c330403864 258614 web optional squid3-common_3.4.8-6+deb8u3_all.deb
 1f17cdceea95af0e6e0b851edc5c02fa 2068944 web optional squid3_3.4.8-6+deb8u3_amd64.deb
 535c1b1624dafe23cdc32740eb6e1495 8625316 debug extra squid3-dbg_3.4.8-6+deb8u3_amd64.deb
 d161c13799e992911294be23a13d1ec3 141394 web optional squidclient_3.4.8-6+deb8u3_amd64.deb
 ffafe5b3e572961d106ef482a8e9fe1b 146710 web optional squid-cgi_3.4.8-6+deb8u3_amd64.deb
 2c53c67c9d3d53c71effa96c95b6c9bf 139128 web optional squid-purge_3.4.8-6+deb8u3_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXkMXmAAoJEN5v/bjI1ki9IjsQAKrEzgWf5QrTAjsi2+f5r1n+
p5P9D7z83HNe3OrSVJ+dG4Eb/J9AJbRk0nfrtcf6zNZauUDUZ7iohgC3v9ueqy9j
9/ZXderv1qicbX7yUfv0pyCBJvyZY7OWKZHhvWo38kU9p9Dc0YXbpGrcHKztQgF7
C52hDW51LLYgtZp1A0sKQM5sSEOSOuoCG5bGZqWt7lVQw5AJaNCjIGzVrRyIh7De
5gXrNuIN31Ony6JJwZEDgJKoshDECkUk+QTtdH9KBGeZaZliFz+fzFkg5alv27B8
VnfP13G7viBP7U64voiGc++nt2gvrpnWeIyMxFC39Vkt34SvGxH0ZSqOoe59QL5M
8ec2Q6dTR+Eunfloyk7gv2c9GoYp6lSUUQApJGmV6uVbqXsKUV4hrxhWTq6I+Quu
oknDdv4w5CYgm7PmFMGpbDSWRweQDiXVthE5gR/VPbZ4cDWpaRpWDyE5tzFw1WH5
aeleD+ZoIwQx3FxaGHIAvU9vzA7z7TdOGC8qP6E6UfuxZ2xW9jhz2mGuVKVrRGD1
B0/TBdwp/E+/pjMnhR7p8I/PexcyaCxGgKI+KdqtcCBzgZKQ5RlNwHYjkFQyeYN1
EQrlAqtMxA9PsAcpa9LyXG9Z0GLG2qWW+JcyOq0qiVMpgKQCbhoPn9LDkSX/+vT/
7sKlNub9U3lrr0k874ki
=8VEI
-----END PGP SIGNATURE-----