[ubuntu/raring-proposed] squid3 3.1.20-1ubuntu2 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Wed Feb 6 16:15:28 UTC 2013 

squid3 (3.1.20-1ubuntu2) raring-proposed; urgency=low

  [ Seth Arnold ]
  * SECURITY UPDATE: denial of service via cachemgr.cgi insufficient input
    validation
    - debian/patches/98-CVE-2012-5643.patch: modify cachemgr.cc to properly
      free memory and handle input in chunks
    - Based on
      http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2012_1.patch
    - CVE-2012-5643
    - CVE-2013-0189

Date: Wed, 06 Feb 2013 09:56:53 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/raring/+source/squid3/3.1.20-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 06 Feb 2013 09:56:53 -0600
Source: squid3
Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi squid squid-common
Architecture: source
Version: 3.1.20-1ubuntu2
Distribution: raring-proposed
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 squid      - dummy transitional package from squid to squid3
 squid-cgi  - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-common - dummy transitional package from squid-common to squid3-common
 squid3     - Full featured Web Proxy cache (HTTP proxy)
 squid3-common - Full featured Web Proxy cache (HTTP proxy) - common files
 squid3-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols
 squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility
Changes: 
 squid3 (3.1.20-1ubuntu2) raring-proposed; urgency=low
 .
   [ Seth Arnold ]
   * SECURITY UPDATE: denial of service via cachemgr.cgi insufficient input
     validation
     - debian/patches/98-CVE-2012-5643.patch: modify cachemgr.cc to properly
       free memory and handle input in chunks
     - Based on
       http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2012_1.patch
     - CVE-2012-5643
     - CVE-2013-0189
Checksums-Sha1: 
 b9ee7299c8d8c10a3d56e52c76f48cfb3ee8b029 2251 squid3_3.1.20-1ubuntu2.dsc
 2a53bbc2e3ed5354846aa0beb5f9b2ae0204d407 26765 squid3_3.1.20-1ubuntu2.debian.tar.gz
Checksums-Sha256: 
 924685af70e02edde677abe57dceea300d45599998ed822ab5edf03ea9a858a6 2251 squid3_3.1.20-1ubuntu2.dsc
 b435144d599e072fbaa3fdc6c502347d3ad01781fab0e3050987a11a97087090 26765 squid3_3.1.20-1ubuntu2.debian.tar.gz
Files: 
 1f15a694522d136f7a731c9c6645ba13 2251 web optional squid3_3.1.20-1ubuntu2.dsc
 a1df76db75ffc687de5f62f5d655ef78 26765 web optional squid3_3.1.20-1ubuntu2.debian.tar.gz
Original-Maintainer: Luigi Gangitano <luigi at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJREoBvAAoJEFHb3FjMVZVzulcQAKNYY3RGJ3tPXV5p0ITcUkn2
tNG5An++k4cubX6T1r4UCGelNvsOe9sxcccND8W+xbMB03MWsrIMaEUWZJKgP/x2
pImKt09RTp/VrEk42xv30Zv3hZD/Kf+VGfV0ArosTQlY0JcSA7ZxyKEGsy3uew0I
crtjxVXDXbz4sy2mbiSIopMl/EQAX6v83tes1qlgu/5Q41fvscZM3vm9aRRlF3Nz
CYQrvRCvQGJPpy62pD7dkFptNwVk9UlQnC9urzbgeypPyIPNMEknVKMXlyM903Bi
JcJZw5cbxesWgXbvgEvKOlB7LT80Nd68vZ7+XXdcqMpO5MJdP0sJe7z72Kea16M7
Ha9+vw1UOhntgabYxz9b3zb+3MxB+KOD3yrWGcgYx0KyxDcl0RO1friRQb9Z3055
nIxUzp73EUqTvB1NijQBZQqVm3H6w8v86TEDUAeNGGkcWrPCfoSabglP+NJ3RN4L
sQ6biTtrVybXhcUYDtIng93O/vUFfE75lFx5ktdeRoU6OUVD7YiuxdUnpCJK986R
l9blyXe5hAPMAv3gbzYgBq+rhqEEocOVqeknXoE8BwN2lil8VHR4iYg6hujpJ/vf
v7kmSYsMzq1D8bKssc6/kI03GjI0iB1cX0eTNW5Vm3mQbfnbkWYs4go/P4v+/X1s
XptTihGXNlL9S0csVBHl
=Zgu5
-----END PGP SIGNATURE-----

More information about the Raring-changes mailing list