Accepted squid3 3.1.20-2.2+deb7u8 (source all amd64) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 02 Feb 2018 08:11:05 -0500
Source: squid3
Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi
Architecture: source all amd64
Version: 3.1.20-2.2+deb7u8
Distribution: wheezy-security
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Roberto C. Sanchez <roberto@debian.org>
Description:
squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
squid3 - Full featured Web Proxy cache (HTTP proxy)
squid3-common - Full featured Web Proxy cache (HTTP proxy) - common files
squid3-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols
squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility
Changes:
squid3 (3.1.20-2.2+deb7u8) wheezy-security; urgency=high
.
* Non-maintainer upload by the LTS Team.
* Fix CVE-2018-1000024:
Incorrect pointer handling resulted in the ability of a remote server to
return a crafted ESI response which could trigger a denial of service for
all clients accessing the Squid service. This issue affects the Squid
custom ESI parser.
* Fix CVE-2018-1000027:
Incorrect pointer handling resulted in the possibility of a remote client
delivering certain HTTP requests in conjunction with certain trusted
server reponses involving the processing of ESI responses or downloading
of intermediate CA certificates to trigger a denial of service for all
clients accessing the squid service.
Checksums-Sha1:
1a4bc29de9c51b6359f62a914efbdf28af4353c6 2101 squid3_3.1.20-2.2+deb7u8.dsc
1d176c3dd22109891c050e598cf920e748950ec0 40135 squid3_3.1.20-2.2+deb7u8.debian.tar.gz
50861872f7a203cc8fb1660a5ba4c90875a37e35 204004 squid3-common_3.1.20-2.2+deb7u8_all.deb
05b7bf7b5098b2ebc2eef061657caec6b579cb55 1644978 squid3_3.1.20-2.2+deb7u8_amd64.deb
8f7690644d0aaf0b7731dad3c728b2ff9cd89e5e 6998962 squid3-dbg_3.1.20-2.2+deb7u8_amd64.deb
482f94f5a9b580484bb31f543f493360f40d9d20 114416 squidclient_3.1.20-2.2+deb7u8_amd64.deb
e74a6865fccc4b3aedfef73de6336a37163ddbad 120292 squid-cgi_3.1.20-2.2+deb7u8_amd64.deb
Checksums-Sha256:
f17bffadc5c560dc71e63784feb89d0f2a9425a1d8fd76c2ea1df34564b7d75c 2101 squid3_3.1.20-2.2+deb7u8.dsc
5f71d39891dc4c9f0c15b66e1bef52cd251087e4509fe27176fb87fe2183864a 40135 squid3_3.1.20-2.2+deb7u8.debian.tar.gz
a0346486102e2ab7fb39b2d8042a4854695921cc64dc1dee334132088ce62a13 204004 squid3-common_3.1.20-2.2+deb7u8_all.deb
a84c5cb2ebe72459a13def2cbd4e68d058562562def9cd4b472678278de56941 1644978 squid3_3.1.20-2.2+deb7u8_amd64.deb
eac859d8fa06846be7977e33665ba10071aa0325ffd11e38fa39aacb6d8aa6af 6998962 squid3-dbg_3.1.20-2.2+deb7u8_amd64.deb
d85d6bd87768c967a83ba59147901a0b52766183c28534ab19c8e87b07ed8bfa 114416 squidclient_3.1.20-2.2+deb7u8_amd64.deb
ed8819ce1f51acdf1c31d3af8673acc80b00e016e02b3e195e20dd8bcec01793 120292 squid-cgi_3.1.20-2.2+deb7u8_amd64.deb
Files:
89529203ee84a41fe37cdde61c089269 2101 web optional squid3_3.1.20-2.2+deb7u8.dsc
9aee254e839687b59eed34e9ee3b6c71 40135 web optional squid3_3.1.20-2.2+deb7u8.debian.tar.gz
da831edaf281b8f480d462f6e9637adb 204004 web optional squid3-common_3.1.20-2.2+deb7u8_all.deb
b00dd8ba8ceea3e24bd6f2652c6397f2 1644978 web optional squid3_3.1.20-2.2+deb7u8_amd64.deb
72934da12faf8fadad3796ed82557866 6998962 debug extra squid3-dbg_3.1.20-2.2+deb7u8_amd64.deb
c15b6195f521a2c4a4c9f5b0f2f9c93a 114416 web optional squidclient_3.1.20-2.2+deb7u8_amd64.deb
3d67bdadb101a17fe9baef5d11935f95 120292 web optional squid-cgi_3.1.20-2.2+deb7u8_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEIYZ1DR4ae5UL01q7ldFmTdL1kUIFAlp0bKAACgkQldFmTdL1
kUKWjRAAzT4A7q3qF+ZaUV/JrJ8ZokZYnRUf+SNcIjylhJjmMZlURPUXPKuyBbu3
YElwiSlGGP84rlNzjwkzCR1Uz4h4MzayLrMrlmN37MxdgVTxgZJ0MQNZvm5qNUxs
xJ5DDgr/6NmqUvkE1xmjx/Qqo2Nlt7R1k16oRugKBy5DZf5IUscUHizfA2XqUOGE
h7SaxcQeq4GlRrV/hcusTTPa8PmwE6yhZEDD2dzNdOqAXqWIhw0WoOPpnbVBgin1
FIOHCOmnBdHt/kwwjWPIJy3POOlKtqogb3kkiws6uDaxv8K1a5l+l1PHKtM32oJA
fGNoQbtpD1MBl5flR5Se7PFOIoM90BoUhIPvvJCL5WuY4HLXHXS8mFYCZkd8krkb
KPmjTUWgJXCcusP8JiZ7+hs9794v4o0AnsyXi8tgpnCF/XyltyXBB8ncGsUsietZ
odzzaJiw8SfEucLKNfjqjgtcF7h+4GoGkI5T5wtPuPJdv1ZTOJLMQ2FNpnYDIj9P
dKQKNO5Qjj4ohnHpMuuwIZkPSiYoMlKBy57Y4m2Ie3buNvJm2Cf/Y9otzDwkE+ZO
Ux8GFigimA6sc8L15aGrE8ASYpDisOWvHotU0/J2CF81GA+WyEnA3F4rYF0RdIp6
c7cKnUmgRJjh90iyLT+Oi4I2GVfrCdASqoQb2cZn5Nvi+AHFyHg=
=tQb/
-----END PGP SIGNATURE-----