[ubuntu/noble-proposed] squid 6.10-0ubuntu0.24.04.1 (Accepted)
Athos Ribeiro
athos.ribeiro at canonical.com
Thu Nov 28 17:30:41 UTC 2024
squid (6.10-0ubuntu0.24.04.1) noble; urgency=medium
* New upstream version 6.10 (LP: #2073322):
- Fix issue where successful tunnels were being logged as TCP_TUNNEL/500.
- Fix a logic error when starting squid with the -a option, which could
lead to a crash.
- Fix marking of problematic cached IP addresses.
- For a comprehensive list of changes, please see
https://www.squid-cache.org/Versions/v6/squid-6.10-RELEASENOTES.html.
* d/u/signing-key.asc: update keyring file. (Closes: #1084734)
* Dropped changes:
- SECURITY UPDATE: DoS via chunked decoder uncontrolled recursion bug
+ debian/patches/CVE-2024-25111.patch: fix infinite recursion in
src/http.cc, src/http.h.
+ CVE-2024-25111
[ Fixed in 6.8 ]
- SECURITY UPDATE: DoS in ESI processing using multi-byte characters
+ debian/patches/CVE-2024-37894.patch: fix variable datatype to handle
variables names outside standard ASCII characters
+ CVE-2024-37894
[ Fixed in 6.10 ]
Date: Mon, 09 Sep 2024 10:32:37 -0300
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/squid/6.10-0ubuntu0.24.04.1
-------------- next part --------------
Format: 1.8
Date: Mon, 09 Sep 2024 10:32:37 -0300
Source: squid
Built-For-Profiles: noudeb
Architecture: source
Version: 6.10-0ubuntu0.24.04.1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Closes: 1084734
Launchpad-Bugs-Fixed: 2073322
Changes:
squid (6.10-0ubuntu0.24.04.1) noble; urgency=medium
.
* New upstream version 6.10 (LP: #2073322):
- Fix issue where successful tunnels were being logged as TCP_TUNNEL/500.
- Fix a logic error when starting squid with the -a option, which could
lead to a crash.
- Fix marking of problematic cached IP addresses.
- For a comprehensive list of changes, please see
https://www.squid-cache.org/Versions/v6/squid-6.10-RELEASENOTES.html.
* d/u/signing-key.asc: update keyring file. (Closes: #1084734)
* Dropped changes:
- SECURITY UPDATE: DoS via chunked decoder uncontrolled recursion bug
+ debian/patches/CVE-2024-25111.patch: fix infinite recursion in
src/http.cc, src/http.h.
+ CVE-2024-25111
[ Fixed in 6.8 ]
- SECURITY UPDATE: DoS in ESI processing using multi-byte characters
+ debian/patches/CVE-2024-37894.patch: fix variable datatype to handle
variables names outside standard ASCII characters
+ CVE-2024-37894
[ Fixed in 6.10 ]
Checksums-Sha1:
03f9f4fbc4773baf750435fba1c8b5688573ff9e 2870 squid_6.10-0ubuntu0.24.04.1.dsc
97791240bf23b2a0e62fbf2bf694d7c5b81ee2bb 2637644 squid_6.10.orig.tar.xz
1b3ef1af64dc15ac890671c84cbc41a860039f56 53440 squid_6.10-0ubuntu0.24.04.1.debian.tar.xz
b5b1294ac6da3aa8e90f8534fa930749b83e66c3 8155 squid_6.10-0ubuntu0.24.04.1_source.buildinfo
Checksums-Sha256:
c000f6bf8336ee4f6521faf00de1794f7387f7cc8d358dfefec733be58adf04b 2870 squid_6.10-0ubuntu0.24.04.1.dsc
62eae787da0b7066d12562500374c1b48b7aa88a01c00fff1eb54db3accc1556 2637644 squid_6.10.orig.tar.xz
0442611c71e1fef61c2edeff60bccacf6d3524304815882ac957cf27a8b92f91 53440 squid_6.10-0ubuntu0.24.04.1.debian.tar.xz
517f7b3140bfffb279e41fe196c1cff8d41a5e52730f844a0df7d63aada25dd6 8155 squid_6.10-0ubuntu0.24.04.1_source.buildinfo
Files:
1297ced3bfeca44fc8140580c39cac53 2870 web optional squid_6.10-0ubuntu0.24.04.1.dsc
1d9a1e8b08e077ee9a42689191fd47c7 2637644 web optional squid_6.10.orig.tar.xz
ad2955148d22df93c4d1d6ea5b37e267 53440 web optional squid_6.10-0ubuntu0.24.04.1.debian.tar.xz
a9526ed2ac75ea6a35c6760501482ea3 8155 web optional squid_6.10-0ubuntu0.24.04.1_source.buildinfo
Original-Maintainer: Luigi Gangitano <luigi at debian.org>
Vcs-Git: https://git.launchpad.net/~athos-ribeiro/ubuntu/+source/squid
Vcs-Git-Commit: ca24b0c982ff42b482530efc2869fc20b094ee68
Vcs-Git-Ref: refs/heads/MRE-noble-6.10
More information about the noble-changes
mailing list