-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 14 Nov 2025 20:44:29 +0100 Source: squid Architecture: source Version: 5.7-2+deb12u5 Distribution: bookworm Urgency: medium Maintainer: Luigi Gangitano Changed-By: Bastien Roucariès Closes: 1117048 Changes: squid (5.7-2+deb12u5) bookworm; urgency=medium . * Non maintainer upload by LTS team * Fix CVE-2023-46728: Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. * Fix CVE-2025-59362 (Closes: #1117048) Squid mishandles ASN.1 encoding of long SNMP OIDs. * Remove Gopher support * Fix CVE-2024-45802: Disable ESI feature support. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resource after Effective Lifetime bugs, Squid is vulnerable to Denial of Service attacks by a trusted server against all clients using the proxy. This problem is fixed by changing the build configuration to specify the --disable-esi option. Checksums-Sha1: 23d34d05d95049e3657e572a697c4b50c64064c6 2720 squid_5.7-2+deb12u5.dsc 141e8007d6b1cfee34654127a9ca025125b37b58 2566560 squid_5.7.orig.tar.xz dea1f3e89ad6dfa399de15d9870e1268746ec205 91236 squid_5.7-2+deb12u5.debian.tar.xz ba5b498391a73ecf89d85e53c763c53c5f205d90 5662 squid_5.7-2+deb12u5_source.buildinfo Checksums-Sha256: fc563e7f835ebf511a32a0408a16d25e5259edde92d11985819aa9456f7ca0e4 2720 squid_5.7-2+deb12u5.dsc 6b0753aaba4c9c4efd333e67124caecf7ad6cc2d38581f19d2f0321f5b7ecd81 2566560 squid_5.7.orig.tar.xz 6a83e88fc6f5f8d70ba29289550b3cf599acc063f5b5fd3bf81325847f0badc9 91236 squid_5.7-2+deb12u5.debian.tar.xz bde90aa840a5da50d7096a223e8625012427d8bff2b6ec9417a43ec986cc3d72 5662 squid_5.7-2+deb12u5_source.buildinfo Files: ddf6dace2d0929068007c18f434cbbfd 2720 web optional squid_5.7-2+deb12u5.dsc 7a3764a3c5833631a779d7827901cda7 2566560 web optional squid_5.7.orig.tar.xz 0ff476263d1e60878a8ba3d23613ec74 91236 web optional squid_5.7-2+deb12u5.debian.tar.xz db2452c6468003c24250041015e9315d 5662 web optional squid_5.7-2+deb12u5_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmk0a74ACgkQADoaLapB CF+K2g/9GsZnaBnT9lTBOWzgadEkyGW4doCEqn5Ttr3ilr8ReIvdyJUHWwF5HvDF ddKDiS/4nZ593FyhOPx0n0aAGPNjw1uukXh/0m0MH74FX+sUrU6YEdN/oYudJWHi f49e6ItlbaJiAjGsjIbUVtB99Xnn7BnWX2EunvrzFkVo+T5Q+/8LKI5SFDM+nfo3 BR4qt3bNHbmHRSLmdlOf2V6qclccH6maTucxBRzCjNRQCr8IDNbmRp3zT1+aaa6R doFUBOOBlzjPkfMPMMKjmqDawcwyoeVfdjNOytMdRRTK9sn3SypUiZzsOVAG+MU1 90qps/5QEhmIHa+6rOi7gUGa17mhilPT1H4LBcsBviqWNdPafKTsPdOvYBMZkKow f0LlnOwt+wYfEnuONr9n/plwlkVvRb6Okpx/PoHc1WrPSLF0Jozz6aiHNuTF9lMt Rwt0cJczUIiy/jFHaQB7+eO/bIOpVfYQjmCK7H5mfCjQFPUC6Y+LuuVmPUzAuCiF O+7wjQsQDu07R7a+/vbvFTdYsuxJgp91bWP14mMZM6AFRj8M2XPiHEkMCQWMdP0l VA+wP1QhLVZkAdTB4BgZ9+9fvVXEfyjzLcGYhAuhoclrUCaoErxPcOHnhhHIHzgC qu91H5hTYV56ymWftSVHL+YpX5iQGZc1Rg6vQa7OKGxSsHxtgb0= =6DwB -----END PGP SIGNATURE-----