-
squid3 (3.1.6-1.2+squeeze3) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* Add CVE-2012-5643-CVE-2013-0189.dpatch patch.
Fix squid-cgi (cachemgr) memory leaks and denial of service
vulnerability: remote attackers could cause a denial of service (memory
consumption) via (1) invalid Content-Length headers, (2) long POST
requests, or (3) crafted authentication credentials. CVE-2012-5643 and
CVE-2013-0189. (Closes: #696187)
-- Salvatore Bonaccorso <email address hidden> Sat, 23 Feb 2013 14:08:15 +0100
-
squid3 (3.1.6-1.2+squeeze2) stable-security; urgency=high
* Apply upstream patches to fix a memory leak and invalid free().
revisions 10111 and 10384 from the SQUID_3_1 branch.
Fixes CVE-2011-4096.
-- Florian Weimer <email address hidden> Fri, 06 Jan 2012 12:57:11 +0100
-
squid3 (3.1.6-1.2+squeeze1) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fix buffer overflow on long gopher server replies
(CVE-2011-3205; Closes: #639755).
-- Nico Golde <email address hidden> Sat, 10 Sep 2011 13:09:24 +0000
-
squid3 (3.1.6-1.2) unstable; urgency=low
* Non-maintainer upload.
* Fix DoS while processing large DNS replies with no IPv6 resolver present
(CVE-2010-2951) (Closes: #599709)
-- Ben Hutchings <email address hidden> Sat, 30 Oct 2010 17:00:55 +0200
-
squid3 (3.1.6-1.1) unstable; urgency=high
* Non-maintainer upload by the security team
* Fix DoS due to wrong string handling (Closes: #596086)
Fixes: CVE-2010-3072
-- Steffen Joeris <email address hidden> Mon, 13 Sep 2010 17:07:51 +1000
-
squid3 (3.1.6-1) unstable; urgency=low
* New upstream release
* debian/rules
- Removed now-default --enable-ipv6 option
* debian/control
- Bumped Standard-Version to 3.9.1, no change needed
* debian/patches/01-cf.data.pre
- Updated to match new upstream default IPv6 configuration
-- Luigi Gangitano <email address hidden> Mon, 09 Aug 2010 00:59:26 +0200
-
squid3 (3.1.3-2) unstable; urgency=low
* debian/rules
- Actually enable IPv6 (how did I miss this?)
-- Luigi Gangitano <email address hidden> Tue, 04 May 2010 11:15:49 +0200
-
squid3 (3.0.STABLE19-1) unstable; urgency=low
* New upstream release
- Fixes DoS in exthernal auth header parser (Ref: CVE-2009-2855)
* debian/squid.rc
- Fixed dependencies in init.d script, thanks to Petter Reinholdtsen
(Closes: #546362)
* debian/control
- Bumped Standard-Version to 3.8.3, no change needed
-- Luigi Gangitano <email address hidden> Sun, 20 Sep 2009 01:33:00 +0200
-
squid3 (3.0.STABLE18-1) unstable; urgency=high
* New upstream release
- Removed patches integrated upstream
+ 12-gcc44-fixes
+ 13-signed-unsigned-fixes
+ SQUID-2009-2
* debian/rules
- Enable ARP ACLs (Closes: #538023)
- Enable SNMP support (Closes: #537187)
* debian/control
- Fix dependency for squid3-dbg on squid3 =${binary:Version}
- Added dependency of squid3-dbg on ${misc:Depends}
* debian/squid3-common.postinst
- Added DEBHELPER placeholder
-- Luigi Gangitano <email address hidden> Sun, 09 Aug 2009 00:28:56 +0200
-
squid3 (3.0.STABLE16-2) unstable; urgency=low
* debian/patches/13-signed-unsigned-fixes
- Added upstream patch fixing build errors on 64-bit archs
(Closes: #536588)
* debian/README.Debian
- Removed instability notice of development version
* debian/control
- Fixed squid3-dbg section and priority to match archive override
-- Luigi Gangitano <email address hidden> Sat, 11 Jul 2009 13:46:45 +0200
-
squid3 (3.0.STABLE13-1) unstable; urgency=low
* New upstream release
- Removed patches integrated upstream
+ 10-mgr_active_requests
+ 11-SQUID-2009-1
* debian/patches/02-makefile-defaults
- Removed cachemgr configuration file fix integrated upstream
* debian/rules
- Disable support for coss witch is marked as unstable upstream
-- Luigi Gangitano <email address hidden> Mon, 16 Feb 2009 16:18:30 +0100
