-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 14 Nov 2025 20:44:29 +0100 Source: squid Binary: squid squid-cgi squid-cgi-dbgsym squid-dbgsym squid-openssl squid-openssl-dbgsym squid-purge squid-purge-dbgsym squidclient squidclient-dbgsym Architecture: s390x Version: 5.7-2+deb12u5 Distribution: bookworm Urgency: medium Maintainer: s390x Build Daemon (zani) Changed-By: Bastien Roucariès Description: squid - Full featured Web Proxy cache (HTTP proxy GnuTLS flavour) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-openssl - Full featured Web Proxy cache (HTTP proxy OpenSSL flavour) squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util Closes: 1117048 Changes: squid (5.7-2+deb12u5) bookworm; urgency=medium . * Non maintainer upload by LTS team * Fix CVE-2023-46728: Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. * Fix CVE-2025-59362 (Closes: #1117048) Squid mishandles ASN.1 encoding of long SNMP OIDs. * Remove Gopher support * Fix CVE-2024-45802: Disable ESI feature support. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This problem is fixed by changing the build configuration to specify the --disable-esi option. Checksums-Sha1: 038474312ce26ae3b0649776a5f9aab5197030b0 165308 squid-cgi-dbgsym_5.7-2+deb12u5_s390x.deb 4b866f773de919e9a100ae760a4deea731df2073 160600 squid-cgi_5.7-2+deb12u5_s390x.deb 907715f6456e319760ec4f736eaf20de0156e867 21954384 squid-dbgsym_5.7-2+deb12u5_s390x.deb a30bcd1fdc8b08dd53176767dd0527797239f9fc 24184096 squid-openssl-dbgsym_5.7-2+deb12u5_s390x.deb 5e3083361519af11056c372b29d07d95974b5cb4 2483020 squid-openssl_5.7-2+deb12u5_s390x.deb c4e502f53d58eae41cf26338e37dba1df296c197 87688 squid-purge-dbgsym_5.7-2+deb12u5_s390x.deb 5bb09d29a3d132c272d26b9de3cf62e963d2a14a 151744 squid-purge_5.7-2+deb12u5_s390x.deb 05ec2424187822c28ee4a062450519f520b1aedb 10463 squid_5.7-2+deb12u5_s390x-buildd.buildinfo ab7c188323fd3352118b7f8edfd0fe48dd2f7827 2347136 squid_5.7-2+deb12u5_s390x.deb 6551e00ed628ec4da1520dc4310501c1ec521252 202960 squidclient-dbgsym_5.7-2+deb12u5_s390x.deb b002beef5873151a482ddb7fe8295c012a248f58 162436 squidclient_5.7-2+deb12u5_s390x.deb Checksums-Sha256: 9ce4485fe25bc02127098820b5398cfe4403d7740de3ff46d66b1e17f4b69d42 165308 squid-cgi-dbgsym_5.7-2+deb12u5_s390x.deb e18d5f09ec9b428034a5c8a4bbdd730a5fa63cd4b2e553daa4bb37bbf3c985d4 160600 squid-cgi_5.7-2+deb12u5_s390x.deb d3ec2b2b60aa08b508860fa054bafa3ca36c15587866acf5824a6d1b125fac4d 21954384 squid-dbgsym_5.7-2+deb12u5_s390x.deb 288828cfbe0335b50c7a95d67609861ee72bb72605e3e6d5a505fc29ffc92d1f 24184096 squid-openssl-dbgsym_5.7-2+deb12u5_s390x.deb 30808f19cbf6d7c76e44e3d90f261b99eed3286f2acfdb3ab0ca14e47cd8b2e7 2483020 squid-openssl_5.7-2+deb12u5_s390x.deb 8868a3883e07a61fb3e3d2c779fd811e53f7713f7a15e0d6600e7a113a1e83a8 87688 squid-purge-dbgsym_5.7-2+deb12u5_s390x.deb dfaeb5444ee4036edb264d0f10c264b97bddf33fbc4457a41bfad37edc9eb71e 151744 squid-purge_5.7-2+deb12u5_s390x.deb e4d57f9f83834755b453e8d703d58bd9966d4dbaf3b13e9e9de1bf8f8c9a09b3 10463 squid_5.7-2+deb12u5_s390x-buildd.buildinfo 17a1b6c0df4ff0f890dfe21e3ccb076463766853dd70265bca516b63dc337059 2347136 squid_5.7-2+deb12u5_s390x.deb ba4a44210d666ba161a6225fcf25da39a2c3b89072f2eb290a8232529ba0a1e4 202960 squidclient-dbgsym_5.7-2+deb12u5_s390x.deb eb855ec4cad955ce33dcd7177e58a534aac1b0f2dd3251710ee906b8ef50056f 162436 squidclient_5.7-2+deb12u5_s390x.deb Files: ca78fc5c232b54039257f4b6b0d1fa60 165308 debug optional squid-cgi-dbgsym_5.7-2+deb12u5_s390x.deb 518de4dc09735ff784a8f04113657441 160600 web optional squid-cgi_5.7-2+deb12u5_s390x.deb 325d7a325e7e94831a479ab45c884de9 21954384 debug optional squid-dbgsym_5.7-2+deb12u5_s390x.deb 479432b58dfd395fb742a062bc418e0b 24184096 debug optional squid-openssl-dbgsym_5.7-2+deb12u5_s390x.deb a6417393272fa115c3faac7f34be3048 2483020 web optional squid-openssl_5.7-2+deb12u5_s390x.deb ed9d619bd63af299cb976edacaa12a87 87688 debug optional squid-purge-dbgsym_5.7-2+deb12u5_s390x.deb a308f372a6077a58f01fcf7a942897b4 151744 web optional squid-purge_5.7-2+deb12u5_s390x.deb f86e78c42f59c333c5af6e7fefabb9c4 10463 web optional squid_5.7-2+deb12u5_s390x-buildd.buildinfo a8288c05ed19197dcaf6fc33824b9cd6 2347136 web optional squid_5.7-2+deb12u5_s390x.deb a8dfcc2a53b0bafb86596268b212eb4d 202960 debug optional squidclient-dbgsym_5.7-2+deb12u5_s390x.deb 1040bbf3869970491166f0f93e8f59fc 162436 web optional squidclient_5.7-2+deb12u5_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgh4msZ+e2PZfd5KckaCrxAR3BY0FAmk1vukACgkQkaCrxAR3 BY3KJQ//QQN8j4mcTUUjyBUmqj44yVrK63pOppNylMDGGcqFJLLYjCOUCWMANXon PSngLs/+T+jwZsQW7y7N67rl/YSWu7w+fcqaq2AZj1IYswF42N7chcId9p4Juycv HW0AzTfMBYx+NBvQ6e5ooV5OV4SgyYORyKCL9hX/Ubdv//iT+06lvRWIDmbdyzbj +HBXsrapFgIDWQATyS8NE0PkEpWJi5P612l7s5wT1PAGlE+iE80wLa9fU7+Q4Z4m pf9NbvL9ttfz574se7kLwCDsxHIZ/G2MGoLfKij+uwArRT3re5OL8cozlV2ukj99 GfGc1skRWY4pdMV2hLvKd58HTD+5l3W5Da2YNmfA3CSKd088PrN88E0MJBtDyeL8 V562fRdvdY5JavIOvX314gjirzzkNvFbJDhvWwuH+H/KK8//hhxldJ1QXfpQNWdH lae/QZlPARDgBfKudMDPWiUa3CrrvAPAAQwaft4Slq9oN1ak2d+5Nn4j5MJCMTiw NI94kMzQQXQxW2o2j+oTnmwwTFQSBp26pdPvM3UXjJoB50C3BECVg6a4T5QrhEP+ 8zSGPsFR+U++xnCiaACW6joRXfLZRZI9Osdh6lqmpKEiXHTT2xvCE1HIZWYHm/3Q bMHy4gndcBlq7K6RaBIu8dUnArCE+l3huCNrvYVPEKZg9eEO6EM= =JcIA -----END PGP SIGNATURE-----