[ubuntu/oracular-proposed] squid 6.10-1ubuntu1 (Accepted)
Renan Rodrigo
renanrodrigo at canonical.com
Thu Sep 12 19:42:15 UTC 2024
squid (6.10-1ubuntu1) oracular; urgency=medium
* Merge with Debian unstable (LP: #2073322). Remaining changes:
- d/usr.sbin.squid: Add sections for squid-deb-proxy and
squidguard
- d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
packaging
- Use snakeoil certificates:
+ d/control: add ssl-cert to dependencies
+ d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
to the default config file
- d/NEWS: drop the NIS basic auth helper (LP #1895694)
- d/p/0009-Fix-Werror-alloc-size-larger-than-on-GCC-12.patch:
Fix FTBFS due to -Werror=alloc-size-larger-than on GCC 12.
- d/rules: halt build upon test failures.
- d/rules: do not include additional configuration files during
build time tests. This would lead to test failures due to missing
paths.
- d/t/upstream-test-suite: use installed squid binary for
autopkgtest config file checks.
- d/p/0010-Fix-Werror-sign-compare-on-GCC-13.patch: fix comparison
between signed and unsigned values.
- d/rules: disable LTO related compilation errors for ppc64el builds.
- d/source_squid.py, d/rules: Add apport hook (LP #676141)
* Dropped changes:
- d/t/upstream-test-suite: adjust autopkgtests following dpkg
changes enabling ELF metadata. (LP #2071468)
[ LP bug fixed in dpkg,binutils ]
- SECURITY UPDATE: DoS in ESI processing using multi-byte characters
+ debian/patches/CVE-2024-37894.patch: fix variable datatype to handle
variables names outside standard ASCII characters
+ CVE-2024-37894
[ Fixed in 6.10 ]
squid (6.10-1) unstable; urgency=high
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release 6.10
Fixes: CVE-2024-37894. SQUID-2024:3 (Closes: #1074284)
Date: Thu, 12 Sep 2024 16:23:16 -0300
Changed-By: Renan Rodrigo <renanrodrigo at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
https://launchpad.net/ubuntu/+source/squid/6.10-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Thu, 12 Sep 2024 16:23:16 -0300
Source: squid
Built-For-Profiles: noudeb
Architecture: source
Version: 6.10-1ubuntu1
Distribution: oracular
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Renan Rodrigo <renanrodrigo at canonical.com>
Closes: 1074284
Launchpad-Bugs-Fixed: 2073322
Changes:
squid (6.10-1ubuntu1) oracular; urgency=medium
.
* Merge with Debian unstable (LP: #2073322). Remaining changes:
- d/usr.sbin.squid: Add sections for squid-deb-proxy and
squidguard
- d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
packaging
- Use snakeoil certificates:
+ d/control: add ssl-cert to dependencies
+ d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
to the default config file
- d/NEWS: drop the NIS basic auth helper (LP #1895694)
- d/p/0009-Fix-Werror-alloc-size-larger-than-on-GCC-12.patch:
Fix FTBFS due to -Werror=alloc-size-larger-than on GCC 12.
- d/rules: halt build upon test failures.
- d/rules: do not include additional configuration files during
build time tests. This would lead to test failures due to missing
paths.
- d/t/upstream-test-suite: use installed squid binary for
autopkgtest config file checks.
- d/p/0010-Fix-Werror-sign-compare-on-GCC-13.patch: fix comparison
between signed and unsigned values.
- d/rules: disable LTO related compilation errors for ppc64el builds.
- d/source_squid.py, d/rules: Add apport hook (LP #676141)
* Dropped changes:
- d/t/upstream-test-suite: adjust autopkgtests following dpkg
changes enabling ELF metadata. (LP #2071468)
[ LP bug fixed in dpkg,binutils ]
- SECURITY UPDATE: DoS in ESI processing using multi-byte characters
+ debian/patches/CVE-2024-37894.patch: fix variable datatype to handle
variables names outside standard ASCII characters
+ CVE-2024-37894
[ Fixed in 6.10 ]
.
squid (6.10-1) unstable; urgency=high
.
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release 6.10
Fixes: CVE-2024-37894. SQUID-2024:3 (Closes: #1074284)
Checksums-Sha1:
dfe874424396c1900649137ea454798f87f5ac46 3070 squid_6.10-1ubuntu1.dsc
97791240bf23b2a0e62fbf2bf694d7c5b81ee2bb 2637644 squid_6.10.orig.tar.xz
72ae09f47a000bcc39c4dd32867ec7b053c564ad 647 squid_6.10.orig.tar.xz.asc
49b7db588bb0413da67ee5492f806082169e9fb8 52496 squid_6.10-1ubuntu1.debian.tar.xz
0928627f04f4a7cb8ea8377ed2383ca52d97ce4b 8098 squid_6.10-1ubuntu1_source.buildinfo
Checksums-Sha256:
81d1e7551f48ad7aead155e9025d2b57ebd90d8fef3d4e74439993d42ac71c37 3070 squid_6.10-1ubuntu1.dsc
62eae787da0b7066d12562500374c1b48b7aa88a01c00fff1eb54db3accc1556 2637644 squid_6.10.orig.tar.xz
32829a4e733daadef6e4d1d04d0e7cac63dd61adc1a7b1860f09390614a4ea66 647 squid_6.10.orig.tar.xz.asc
7ae5683216e11fb2fa33585a810b0166ce3eefdeb9060c6fe3c91563fe8cebaa 52496 squid_6.10-1ubuntu1.debian.tar.xz
713f10234e25ed404adc0aa4894af10d52afbbddefdac7905c7800d6f0a0b1d7 8098 squid_6.10-1ubuntu1_source.buildinfo
Files:
5a95389a9965d6f8d7d1d03df721a7e1 3070 web optional squid_6.10-1ubuntu1.dsc
1d9a1e8b08e077ee9a42689191fd47c7 2637644 web optional squid_6.10.orig.tar.xz
491578e47d6a7819573b0bd1ec9c1dfb 647 web optional squid_6.10.orig.tar.xz.asc
8acb144cf22145808b45a707cad2b01e 52496 web optional squid_6.10-1ubuntu1.debian.tar.xz
ca190ec3b51658d81f51948c38244926 8098 web optional squid_6.10-1ubuntu1_source.buildinfo
Original-Maintainer: Luigi Gangitano <luigi at debian.org>
Vcs-Git: https://git.launchpad.net/~athos-ribeiro/ubuntu/+source/squid
Vcs-Git-Commit: c2521a4d762a575a4c28d3869b4856b60c261fe6
Vcs-Git-Ref: refs/heads/merge-2073322-oracular
More information about the oracular-changes
mailing list