[ubuntu/impish-proposed] squid 4.13-10ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Jun 4 18:43:11 UTC 2021 

squid (4.13-10ubuntu1) impish; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/usr.sbin.squid: Add sections for squid-deb-proxy and
      squidguard
    - d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
      packaging
    - Use snakeoil certificates:
      + d/control: add ssl-cert to dependencies
      + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
        to the default config file
    - d/rules, d/NEWS: drop the NIS basic auth helper (LP: #1895694)
    - d/p/0008-Fix-free-nonheap-object-warning-error-on-snmp_core.c.patch:
      Fix call to free on nonheap-object in snmpCreateOidFromStr

squid (4.13-10) unstable; urgency=medium

  [ Francisco Vilmar Cardoso Ruviaro ]
  * Add debian/patches/0007-CVE-2021-28651.patch to fix a Denial
    of Service in URN processing. (Closes: #988893, CVE-2021-28651)

  [ Santiago Garcia Mantinan ]
  * Add patch to fix a Denial of Service in HTTP Response Processing.
    Fixes: CVE-2021-28662. Closes: #988891.
  * Add patch to fix a Denial of Service issue in Cache Manager.
    Fixes: CVE-2021-28652. Closes: #988892.
  * Add patch to fix Multiple Issues in HTTP Range header.
    Fixes: CVE-2021-31806 CVE-2021-31807 CVE-2021-31808. Closes: #989043.
  * Add patch to fix a Denial of Service in HTTP Response processing.
    Fixes: GHSA-572g-rvwr-6c7f.

Date: Fri, 04 Jun 2021 12:49:43 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/squid/4.13-10ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 04 Jun 2021 12:49:43 -0400
Source: squid
Built-For-Profiles: noudeb
Architecture: source
Version: 4.13-10ubuntu1
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Closes: 988891 988892 988893 989043
Launchpad-Bugs-Fixed: 1895694
Changes:
 squid (4.13-10ubuntu1) impish; urgency=medium
 .
   * Merge with Debian unstable. Remaining changes:
     - d/usr.sbin.squid: Add sections for squid-deb-proxy and
       squidguard
     - d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
       packaging
     - Use snakeoil certificates:
       + d/control: add ssl-cert to dependencies
       + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
         to the default config file
     - d/rules, d/NEWS: drop the NIS basic auth helper (LP: #1895694)
     - d/p/0008-Fix-free-nonheap-object-warning-error-on-snmp_core.c.patch:
       Fix call to free on nonheap-object in snmpCreateOidFromStr
 .
 squid (4.13-10) unstable; urgency=medium
 .
   [ Francisco Vilmar Cardoso Ruviaro ]
   * Add debian/patches/0007-CVE-2021-28651.patch to fix a Denial
     of Service in URN processing. (Closes: #988893, CVE-2021-28651)
 .
   [ Santiago Garcia Mantinan ]
   * Add patch to fix a Denial of Service in HTTP Response Processing.
     Fixes: CVE-2021-28662. Closes: #988891.
   * Add patch to fix a Denial of Service issue in Cache Manager.
     Fixes: CVE-2021-28652. Closes: #988892.
   * Add patch to fix Multiple Issues in HTTP Range header.
     Fixes: CVE-2021-31806 CVE-2021-31807 CVE-2021-31808. Closes: #989043.
   * Add patch to fix a Denial of Service in HTTP Response processing.
     Fixes: GHSA-572g-rvwr-6c7f.
Checksums-Sha1:
 839050b2a4d9534c3554c20e0d331f3aad7b4e6a 2825 squid_4.13-10ubuntu1.dsc
 cac95c18789e9ecd6620c2f278fc3900498c065b 2452752 squid_4.13.orig.tar.xz
 e588136e038aaa3c5840c9f7e783e419b46e560f 58008 squid_4.13-10ubuntu1.debian.tar.xz
 6d8335d31f0537a8e9ee509e6a94ebe91922fcb3 8885 squid_4.13-10ubuntu1_source.buildinfo
Checksums-Sha256:
 9a6d0bfdeb1baf6c74b4b6fede405a8a575edee392f7e204bdef0a7f776ba378 2825 squid_4.13-10ubuntu1.dsc
 6891a0f540e60779b4f24f1802a302f813c6f473ec7336a474ed68c3e2e53ee0 2452752 squid_4.13.orig.tar.xz
 6aa6e31e3677fdd2df8977c31133ec1f38e6042994189aa12c7968751fa2226c 58008 squid_4.13-10ubuntu1.debian.tar.xz
 7e920271004fa2a420e551bc2e7cf0db658ce83db0d2148aeef062804ee3fe48 8885 squid_4.13-10ubuntu1_source.buildinfo
Files:
 0459ff7c005a5c26240b018cd3cce0a5 2825 web optional squid_4.13-10ubuntu1.dsc
 492e54afc15821141ff1d1d9903854d6 2452752 web optional squid_4.13.orig.tar.xz
 577b5ccb46759cef66226ccf59376838 58008 web optional squid_4.13-10ubuntu1.debian.tar.xz
 326c143e0d77a85574dfccc064eddf5f 8885 web optional squid_4.13-10ubuntu1_source.buildinfo
Original-Maintainer: Luigi Gangitano <luigi at debian.org>

More information about the impish-changes mailing list