-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 14 Nov 2025 20:44:29 +0100 Source: squid Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym Architecture: amd64 Version: 5.7-2+deb12u5 Distribution: bookworm Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) Changed-By: Bastien Roucariès Description: squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour) squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util Closes: 1117048 Changes: squid (5.7-2+deb12u5) bookworm; urgency=medium . * Non maintainer upload by LTS team * Fix CVE-2023-46728: Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. * Fix CVE-2025-59362 (Closes: #1117048) Squid mishandles ASN.1 encoding of long SNMP OIDs. * Remove Gopher support * Fix CVE-2024-45802: Disable ESI feature support. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This problem is fixed by changing the build configuration to specify the --disable-esi option. Checksums-Sha1: 3db665ee98e95c9e5b55556b3b332237e29f1d70 166416 squid-cgi-dbgsym_5.7-2+deb12u5_amd64.deb 9846c9efe2eaf521000848ae0f5061049791c489 162940 squid-cgi_5.7-2+deb12u5_amd64.deb 331ba42f61d49f07bfcd865ed7256b9f8a7aa7ec 22303868 squid-dbgsym_5.7-2+deb12u5_amd64.deb 6a9a12e201295d46b35aa6ec047ea2c61114dbdb 24624212 squid-openssl-dbgsym_5.7-2+deb12u5_amd64.deb 1c9cf9b1205664b8e0c7a368951225d1c044f922 2825012 squid-openssl_5.7-2+deb12u5_amd64.deb 5844f578d58f6bbec8063825599c69c9a674b2f5 87888 squid-purge-dbgsym_5.7-2+deb12u5_amd64.deb c6d1c67f63353ce3e340918e1d28cfe306dd3d96 152856 squid-purge_5.7-2+deb12u5_amd64.deb c1da070b4d0fb54fc51c90d48585d321ac31ed4a 10576 squid_5.7-2+deb12u5_amd64-buildd.buildinfo 012112dcbf2652f3b15727b655d17cb0a345b95b 2664664 squid_5.7-2+deb12u5_amd64.deb 4802c8d456e6e869ef4a9129944253388bfa6948 202152 squidclient-dbgsym_5.7-2+deb12u5_amd64.deb 336cfbbac636bf9cfe26331df07135ab8a8e812d 164932 squidclient_5.7-2+deb12u5_amd64.deb Checksums-Sha256: b9ab2817088bd1d59005420bc257a7f7b2bccbc10bdf307ed3970b7a5515b6e2 166416 squid-cgi-dbgsym_5.7-2+deb12u5_amd64.deb b5da237d08a800128d8be6574ac3f4c0481aa22f3810cace0b0c9d43d215be53 162940 squid-cgi_5.7-2+deb12u5_amd64.deb c187a1191ee9a05cd2712934b28f0ac3cc1526ec9a8ce21f5bfb1914ed20e4c7 22303868 squid-dbgsym_5.7-2+deb12u5_amd64.deb 0e63e213532542b2dc3b525792c54d10f16322fa26747eacf55ed8ac02344be3 24624212 squid-openssl-dbgsym_5.7-2+deb12u5_amd64.deb bbe73df97a8f8c8666f55c1ee0a85539b1879d3fe87cf8d818561ae74507c98a 2825012 squid-openssl_5.7-2+deb12u5_amd64.deb 31426178856d080bbae7ad2f86bf6a4e0d01afaefa134cceab1e7d2bff572124 87888 squid-purge-dbgsym_5.7-2+deb12u5_amd64.deb b85312b5464d11e9405e35232442e002749288db93d692ddd0716c522d88da5b 152856 squid-purge_5.7-2+deb12u5_amd64.deb d28bcead4f5b50e899f3b903d0b445b6d76c29ea9e924d5506eca625000b8f03 10576 squid_5.7-2+deb12u5_amd64-buildd.buildinfo 955d284c3d0cca79ec5acf177ba5d9be59214f08c60b09892849a0e30575d4db 2664664 squid_5.7-2+deb12u5_amd64.deb cba27b2e34100bf7a249230edafdfba5dedabbaf1d48b05fb3d59e37140d8dc9 202152 squidclient-dbgsym_5.7-2+deb12u5_amd64.deb 152eb6d52e0114dc9ef3f5e3051ffb73d8f22c84b20c9537d30a6bc2fade0f9a 164932 squidclient_5.7-2+deb12u5_amd64.deb Files: b004ff755fbe788104d5eea9275fd744 166416 debug optional squid-cgi-dbgsym_5.7-2+deb12u5_amd64.deb e206009b97c4b5bdccfd9fbf172a6efe 162940 web optional squid-cgi_5.7-2+deb12u5_amd64.deb 46c60b18fec456d134e0610f889bf3b2 22303868 debug optional squid-dbgsym_5.7-2+deb12u5_amd64.deb cb1204773c38afef0ff3ea6dae2795a4 24624212 debug optional squid-openssl-dbgsym_5.7-2+deb12u5_amd64.deb cba3755f6530b43c1d935501c7899139 2825012 web optional squid-openssl_5.7-2+deb12u5_amd64.deb 9e76f8ff8dbcd6fb313de80a0e784f67 87888 debug optional squid-purge-dbgsym_5.7-2+deb12u5_amd64.deb 53ca9b931b6074d8108d429ea030dd52 152856 web optional squid-purge_5.7-2+deb12u5_amd64.deb d63953814def2c7bd42a4c68f2ad18ce 10576 web optional squid_5.7-2+deb12u5_amd64-buildd.buildinfo 9526f7709fb513b9232a0fded54dd6fb 2664664 web optional squid_5.7-2+deb12u5_amd64.deb ecaa6382d5c8bcfc5a3b6649c74f51bc 202152 debug optional squidclient-dbgsym_5.7-2+deb12u5_amd64.deb 222d5a3b750a73828ce009753f87888f 164932 web optional squidclient_5.7-2+deb12u5_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEnw0rdzqckKx6dwRTEbCLukZn24oFAmk1u5UACgkQEbCLukZn 24qdTQ//alcpJs44a9OfesPGYXKBpPDpz1o2+YIkj9E55bMH6KTYzAmap4B89fSu vqs8W5fRymvH+m40INXF8o3I+TCdPSr/QgjwNSbloiKZpVG6Ea9mZ0j4J9UfQW4f x6ieuZlVVidYLtDE9urFOZ4JcYsW0m3GHOZnUNuLe7sLE+7Dzrvbha1vloMCDL8Z zMMkRbRtrGJ6rWa3zpyyxyoyjltOGBnjFuiMQjRmev49TKv5K2PVLFJoohnDTWr2 pn/EOcBFWFQYUjIP/rMIrbE03X72FTHVEI3H2BeySzDcrl9MSTEaPPyDU7Eosre9 KGLM4NdYQ1rvqDDp5y6uLjnMaSuNxZFQMa0jmS+sWBD0DiC83L31d+J1ibhJrpPw FHBFVDVGHQBQBJxCEFGMzArwoaMDNJWcJqra5nGFSApeBdzQkM1EIPK3g/K1lqnB vJsMiCFbIFzdcvWnzf6JZWasFEHfTILX7tPuALtJEmlGEKDEKboabeuTtyjI8hnv wPohvUJdjEaP8RoTPO1c3fGda3GHPCuD/WF5eMed8C8K+yyU0NXu7jozqMCKTj3P 0/tC9MAgZT2Oq349EIfzJVRRifR75G1UJ5mrz5+TUw/EKwMuT/osEnwK8EMWAwHf mW+KM8KUghrqvpwLXIXZ6cka34IQqjpJbgZYhjEbJMmsk2f52zY= =gGdz -----END PGP SIGNATURE-----