Accepted squid 4.13-10+deb11u4 (source) into oldstable-security



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 11 Mar 2025 10:31:43 +0100
Source: squid
Architecture: source
Version: 4.13-10+deb11u4
Distribution: bullseye-security
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Jochen Sprickerhof <jspricke@debian.org>
Changes:
 squid (4.13-10+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
 .
   [ Roberto C. Sánchez ]
   * Fix CVE-2024-25111: a possible Denial of Service attack against HTTP
     Chunked decoder due to an uncontrolled recursion bug. This problem allows
     a remote attacker to cause Denial of Service when sending a crafted,
     chunked, encoded HTTP Message.
   * Fix CVE-2024-37894: due to an Out-of-bounds Write error when assigning ESI
     variables, Squid is susceptible to a Memory Corruption error. This error
     can lead to a Denial of Service attack.
   * Fix CVE-2024-45802: Disable ESI feature support.
     - Due to Input Validation, Premature Release of Resource During Expected
       Lifetime, and Missing Release of Resource after Effective Lifetime bugs,
       Squid is vulnerable to Denial of Service attacks by a trusted server
       against all clients using the proxy. This problem is fixed by changing
       the build configuration to specify the --disable-esi option.
 .
   [ Jochen Sprickerhof ]
   * Fix patch for CVE-2024-25111 and use -std=c++17
Checksums-Sha1:
 50ee160432ffb871040e12df35de1c04fc086733 2780 squid_4.13-10+deb11u4.dsc
 eb3a76276886977a96ed190eaec17cd0dd3fd8ae 68668 squid_4.13-10+deb11u4.debian.tar.xz
 a112b06bb5d0ab1aa65f4d6838d1935a9fdb40e7 6070 squid_4.13-10+deb11u4_source.buildinfo
Checksums-Sha256:
 2feea6c5705658c15150317187b7e14bcf909a77f47840b23f4cf3ba047a589c 2780 squid_4.13-10+deb11u4.dsc
 84e934d4566fbe24522db09bd5f322e3646eccd4ab3b9a6faaa147604e5e4768 68668 squid_4.13-10+deb11u4.debian.tar.xz
 f45f8f50f0cdafe8c2488499ff49a39867cbb6e910f0900e02582263679f1d84 6070 squid_4.13-10+deb11u4_source.buildinfo
Files:
 287996af1a7dd6a863f4018f9da053a4 2780 web optional squid_4.13-10+deb11u4.dsc
 dac4a95e37dbe50ecc024427ae10a912 68668 web optional squid_4.13-10+deb11u4.debian.tar.xz
 64941561a8a5076f2859064c6f7f58af 6070 web optional squid_4.13-10+deb11u4_source.buildinfo

