squid (4.13-10ubuntu1) impish; urgency=medium
* Merge with Debian unstable. Remaining changes:
- d/usr.sbin.squid: Add sections for squid-deb-proxy and
squidguard
- d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
packaging
- Use snakeoil certificates:
+ d/control: add ssl-cert to dependencies
+ d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
to the default config file
- d/rules, d/NEWS: drop the NIS basic auth helper (LP: #1895694)
- d/p/0008-Fix-free-nonheap-object-warning-error-on-snmp_core.c.patch:
Fix call to free on nonheap-object in snmpCreateOidFromStr
squid (4.13-10) unstable; urgency=medium
[ Francisco Vilmar Cardoso Ruviaro ]
* Add debian/patches/0007-CVE-2021-28651.patch to fix a Denial
of Service in URN processing. (Closes: #988893, CVE-2021-28651)
[ Santiago Garcia Mantinan ]
* Add patch to fix a Denial of Service in HTTP Response Processing.
Fixes: CVE-2021-28662. Closes: #988891.
* Add patch to fix a Denial of Service issue in Cache Manager.
Fixes: CVE-2021-28652. Closes: #988892.
* Add patch to fix Multiple Issues in HTTP Range header.
Fixes: CVE-2021-31806 CVE-2021-31807 CVE-2021-31808. Closes: #989043.
* Add patch to fix a Denial of Service in HTTP Response processing.
Fixes: GHSA-572g-rvwr-6c7f.
-- Marc Deslauriers <email address hidden> Fri, 04 Jun 2021 12:49:43 -0400