[ubuntu/zesty-proposed] squid3 3.5.23-1ubuntu1 (Accepted)
Robie Basak
robie.basak at ubuntu.com
Fri Feb 10 11:25:14 UTC 2017
squid3 (3.5.23-1ubuntu1) zesty; urgency=medium
* Merge from Debian (LP: #1644538). Remaining changes:
- Add additional dep8 tests.
- Use snakeoil certificates.
- Add an example refresh pattern for debs.
- Add disabled by default AppArmor profile.
- Revert "Set pidfile for systemd's sysv-generator" from Debian.
- Drop wrong short-circuiting of various invocations; we always want to
call the debhelper block.
- Add missing Pre-Depends on adduser.
- Enable autoreconf. This is no longer required for the security updates,
but is needed for the seddery of test-suite/Makefile.am in
d/t/upstream-test-suite.
* Drop changes (adopted in Debian):
- Run sarg-reports if present before rotating logs.
- Add lsb-release build dep.
* Drop changes that no longer make a functional difference in Ubuntu, but may
still be relevant to send to Debian:
- d/squid3.postinst: don't try to stop squid3 again.
- d/squid3.postrm: don't rm -f conffiles in purge.
- Drop squid3 dependencies on ${shlib:Depends} and lsb-base.
- Drop creation of /etc/squid.
* Drop unnecessary changes:
- Add executable bits to d/squid.preinst.
* Drop changes relating to the upgrade path from prior to Xenial, so no
longer required:
- /var/spool/squid3 upgrade path handling.
- Conffile upgrade path handling.
- Remove redundant version-guarded restart code from squid postinst.
- Clean up apparmor links for usr.sbin.squid3 on upgrade.
- Attempt to migrate /var/log/squid3 -> /var/log/squid on upgrade.
- Add Breaks on older ufw to fix upgrade path.
- Use Breaks instead of Conflicts. Instead, drop the Conflicts/Replaces
entirely (see below).
* Drop security fixes: all included in 3.5.23 upstream.
* Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
happened in Xenial, so no upgrade path still requires this code. This
reduces upgrade ordering difficulty.
* Fix failing autopkgtests:
- Adjust Python module dependencies.
- Correctly handle the squid3 -> squid rename.
- Adjust seddery for upstream test squid binary location.
* Drop dependency on init-system-helpers. This was introduced in LP 1432683.
Since we no longer ship an upstart job, it is no longer required.
* Correct attribution and add explanatory note in d/NEWS.debian.
squid3 (3.5.23-1) unstable; urgency=high
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release (Closes: #793473, #822952)
- Fixes security issue SQUID-2016:10 (CVE-2016-10003) (Closes: #848491)
- Fixes security issue SQUID-2016:11 (CVE-2016-10002) (Closes: #848493)
* debian/patches/
- Remove patch included upstream
* debian/tests/
- Use package build-deps when testing so the make commands will work
squid3 (3.5.22-1) unstable; urgency=medium
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release
* debian/patches
- Add upstream patch to fix adaptation crashes
* debian/{control, rules, squid.postinst}
- Accept patch to remove setuid from pinger (Closes: #822992)
[ Luigi Gangitano ]
* debian/compat
- Bump to debhelper compatibility level 10
* debian/{control,tests/}
- Add DEP-8 autopkgtest for upstream test suite, thanks to
Santiago Ruano Rincan (Closes: #829141)
* debian/rules
- Avoid linking with unneeded libraries, thanks to Yuriy M. Kaminskiyi
(Closes: #822998)
squid3 (3.5.19-1) unstable; urgency=high
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release (Closes: #823968)
- Fixes security issue SQUID-2016:7 (CVE-2016-4553)
- Fixes security issue SQUID-2016:8 (CVE-2016-4554)
- Fixes security issue SQUID-2016:9 (CVE-2016-4555, CVE-2016-4556)
* debian/control
- Bumped Standards-Version to 3.9.8, no change needed
* debian/rules
- Send hardening CPPFLAGS to custom build tools
squid3 (3.5.17-1) unstable; urgency=high
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release
- Fixes security issue SQUID-2016:5 (CVE-2016-4051)
- Fixes security issue SQUID-2016:6 (CVE-2016-4052, CVE-2016-4053,
CVE-2016-4054)
squid3 (3.5.16-1) unstable; urgency=high
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release
- Fixes security issue SQUID-2016:3 (CVE-2016-3947) (Closes: #819783)
- Fixes security issue SQUID-2016:4 (CVE-2016-3948) (Closes: #819784)
* debian/patches/
- Remove patch included upstream
squid3 (3.5.15-1) unstable; urgency=high
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release
- Fixes security issues SQUID-2016:2
(CVE-2016-2569, CVE-2016-2570, CVE-2016-2571)
(Closes: #816011)
* debian/patches/03-upstream-bug4447.patch
- add upstream patch for their bug #4447
[ Robie Basak <robie.basak at canonical.com> ]
* debian/control
- Add lsb-release build dep. This is required for the --enable-build-info
line in debian/rules to work correctly.
* debian/squid.logrotate
- Run sarg-reports if present before rotating logs.
[ Luigi Gangitano <luigi at debian.org> ]
* debian/control
- Bumped Standards-Version to 3.9.7, no change needed
squid3 (3.5.14-1) unstable; urgency=medium
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release (Closes: #812038)
* debian/control
- add Depends libdbi-perl (Closes: #807512)
- Fixed lintian complaint about squid3 package description
- Fixed Vcs-Git Header pointing anonscm.debian.org
* debian/rules
- build ext_time_quota_acl helper (LP: #1391159)
* debian/squid.install
- add missing helper man pages
Date: Tue, 24 Jan 2017 15:47:44 +0000
Changed-By: Robie Basak <robie.basak at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/squid3/3.5.23-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 24 Jan 2017 15:47:44 +0000
Source: squid3
Binary: squid3 squid squid-dbg squid-common squidclient squid-cgi squid-purge
Architecture: source
Version: 3.5.23-1ubuntu1
Distribution: zesty
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Robie Basak <robie.basak at ubuntu.com>
Description:
squid - Full featured Web Proxy cache (HTTP proxy)
squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI
squid-common - Full featured Web Proxy cache (HTTP proxy) - common files
squid-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols
squid-purge - Full featured Web Proxy cache (HTTP proxy) - control utility
squid3 - Transitional package
squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility
Closes: 793473 807512 812038 816011 819783 819784 822952 822992 822998 823968 829141 848491 848493
Launchpad-Bugs-Fixed: 1391159 1644538
Changes:
squid3 (3.5.23-1ubuntu1) zesty; urgency=medium
.
* Merge from Debian (LP: #1644538). Remaining changes:
- Add additional dep8 tests.
- Use snakeoil certificates.
- Add an example refresh pattern for debs.
- Add disabled by default AppArmor profile.
- Revert "Set pidfile for systemd's sysv-generator" from Debian.
- Drop wrong short-circuiting of various invocations; we always want to
call the debhelper block.
- Add missing Pre-Depends on adduser.
- Enable autoreconf. This is no longer required for the security updates,
but is needed for the seddery of test-suite/Makefile.am in
d/t/upstream-test-suite.
* Drop changes (adopted in Debian):
- Run sarg-reports if present before rotating logs.
- Add lsb-release build dep.
* Drop changes that no longer make a functional difference in Ubuntu, but may
still be relevant to send to Debian:
- d/squid3.postinst: don't try to stop squid3 again.
- d/squid3.postrm: don't rm -f conffiles in purge.
- Drop squid3 dependencies on ${shlib:Depends} and lsb-base.
- Drop creation of /etc/squid.
* Drop unnecessary changes:
- Add executable bits to d/squid.preinst.
* Drop changes relating to the upgrade path from prior to Xenial, so no
longer required:
- /var/spool/squid3 upgrade path handling.
- Conffile upgrade path handling.
- Remove redundant version-guarded restart code from squid postinst.
- Clean up apparmor links for usr.sbin.squid3 on upgrade.
- Attempt to migrate /var/log/squid3 -> /var/log/squid on upgrade.
- Add Breaks on older ufw to fix upgrade path.
- Use Breaks instead of Conflicts. Instead, drop the Conflicts/Replaces
entirely (see below).
* Drop security fixes: all included in 3.5.23 upstream.
* Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
happened in Xenial, so no upgrade path still requires this code. This
reduces upgrade ordering difficulty.
* Fix failing autopkgtests:
- Adjust Python module dependencies.
- Correctly handle the squid3 -> squid rename.
- Adjust seddery for upstream test squid binary location.
* Drop dependency on init-system-helpers. This was introduced in LP 1432683.
Since we no longer ship an upstart job, it is no longer required.
* Correct attribution and add explanatory note in d/NEWS.debian.
.
squid3 (3.5.23-1) unstable; urgency=high
.
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release (Closes: #793473, #822952)
- Fixes security issue SQUID-2016:10 (CVE-2016-10003) (Closes: #848491)
- Fixes security issue SQUID-2016:11 (CVE-2016-10002) (Closes: #848493)
.
* debian/patches/
- Remove patch included upstream
.
* debian/tests/
- Use package build-deps when testing so the make commands will work
.
squid3 (3.5.22-1) unstable; urgency=medium
.
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release
.
* debian/patches
- Add upstream patch to fix adaptation crashes
.
* debian/{control, rules, squid.postinst}
- Accept patch to remove setuid from pinger (Closes: #822992)
.
[ Luigi Gangitano ]
* debian/compat
- Bump to debhelper compatibility level 10
.
* debian/{control,tests/}
- Add DEP-8 autopkgtest for upstream test suite, thanks to
Santiago Ruano Rincan (Closes: #829141)
.
* debian/rules
- Avoid linking with unneeded libraries, thanks to Yuriy M. Kaminskiyi
(Closes: #822998)
.
squid3 (3.5.19-1) unstable; urgency=high
.
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release (Closes: #823968)
- Fixes security issue SQUID-2016:7 (CVE-2016-4553)
- Fixes security issue SQUID-2016:8 (CVE-2016-4554)
- Fixes security issue SQUID-2016:9 (CVE-2016-4555, CVE-2016-4556)
.
* debian/control
- Bumped Standards-Version to 3.9.8, no change needed
.
* debian/rules
- Send hardening CPPFLAGS to custom build tools
.
squid3 (3.5.17-1) unstable; urgency=high
.
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release
- Fixes security issue SQUID-2016:5 (CVE-2016-4051)
- Fixes security issue SQUID-2016:6 (CVE-2016-4052, CVE-2016-4053,
CVE-2016-4054)
.
squid3 (3.5.16-1) unstable; urgency=high
.
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release
- Fixes security issue SQUID-2016:3 (CVE-2016-3947) (Closes: #819783)
- Fixes security issue SQUID-2016:4 (CVE-2016-3948) (Closes: #819784)
.
* debian/patches/
- Remove patch included upstream
.
squid3 (3.5.15-1) unstable; urgency=high
.
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release
- Fixes security issues SQUID-2016:2
(CVE-2016-2569, CVE-2016-2570, CVE-2016-2571)
(Closes: #816011)
.
* debian/patches/03-upstream-bug4447.patch
- add upstream patch for their bug #4447
.
[ Robie Basak <robie.basak at canonical.com> ]
* debian/control
- Add lsb-release build dep. This is required for the --enable-build-info
line in debian/rules to work correctly.
.
* debian/squid.logrotate
- Run sarg-reports if present before rotating logs.
.
[ Luigi Gangitano <luigi at debian.org> ]
* debian/control
- Bumped Standards-Version to 3.9.7, no change needed
.
squid3 (3.5.14-1) unstable; urgency=medium
.
[ Amos Jeffries <amosjeffries at squid-cache.org> ]
* New Upstream Release (Closes: #812038)
.
* debian/control
- add Depends libdbi-perl (Closes: #807512)
- Fixed lintian complaint about squid3 package description
- Fixed Vcs-Git Header pointing anonscm.debian.org
.
* debian/rules
- build ext_time_quota_acl helper (LP: #1391159)
.
* debian/squid.install
- add missing helper man pages
Checksums-Sha1:
a687d540d41b1da4f1ecabde915213943b6f1dca 2521 squid3_3.5.23-1ubuntu1.dsc
6b0b2091896e7874024e5f1e28eeccb0acd7e962 4730792 squid3_3.5.23.orig.tar.gz
3c596dd91264c5f24bca7c2223e3ba20ae4accd9 46456 squid3_3.5.23-1ubuntu1.debian.tar.xz
Checksums-Sha256:
b7af7b3e2cc38c00d77b57712a4381eb296205849cc884f85f68095853ab4d21 2521 squid3_3.5.23-1ubuntu1.dsc
f81eeee0fb046ad636566b51fe4f72b8bc66d454d7082ef38e273c3f4b09f6db 4730792 squid3_3.5.23.orig.tar.gz
01fe8285e0c145890e8dcbee8e12e5dce6aa53397a0ee595637d24cb25c561cf 46456 squid3_3.5.23-1ubuntu1.debian.tar.xz
Files:
d4bbd51f2b93c4732af3e8a9098a57f8 2521 web optional squid3_3.5.23-1ubuntu1.dsc
49d790ddee8c611ee2992e66eb8e9ae9 4730792 web optional squid3_3.5.23.orig.tar.gz
2d1dc90157a03e82da2d410fc148877c 46456 web optional squid3_3.5.23-1ubuntu1.debian.tar.xz
Original-Maintainer: Luigi Gangitano <luigi at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJYnaKmAAoJEOVkucJ1vdUu4r8P/3xKHt7QOxv7ztOSjriqlQs/
FKdCKhlYngZaDds19j2MLDh0S9FSZWhrAc0vOMoEdF6WY/2zj6Tb1AK6U0YK52G+
cZkWQ5Dhat5PfaMtzUb6RelqWbUG51PR0Y3FJ8Zh8sgK0jXY1RWGrJ53Hjf2FS9x
4evb0dg7G3MYtwUwh6D0RXPtvvyaxi0lkkY8w3aYgU/clYD5spk1n4B8jfqPVboo
3vKWxaAimHezL0FExyE8CSypPI5MCQyo50Ev+0GCrP7r6En+vx/+N/DQx+dUJSNS
JOBziyQp0iHITzq/DMUz3rVHE0BNd8cT9z+uvAvoNcBzHIqNauxJxMO3Jp5IdZwL
CMZtCiOacpRJop3q1uE1eW14mrXlfls1koUPaZXnXD/7OjGdrIkZZBmSjGiEG+98
cRPQMsfJB9nbwft3ANQ5jWii9mLbGDSY1p2dhXlfbAtY5e9MXVaQjN0LduYCz/AW
B20SIFy2/U5rNwOeJ1A9PrP2lwzFjvTILBGxtLoGtd40777ztMe9T9IFGtadrTdM
E6ReaCedznbGZIdrlTU+59nsrpcL6RbX6V8uGQK04zv45FCNsCgWd5Xo+IcK7zHm
/14QWO49H7+SaAu8Rk2CGFHCUY5T1+13aT4B1QvN0TQqR2jGgQBd32ksZ9i5xITk
pG8sSeS1Zh/CGKPLu5jY
=N+Wd
-----END PGP SIGNATURE-----
More information about the Zesty-changes
mailing list