Publishing details


squid3 (3.5.27-1ubuntu1) bionic; urgency=medium

  * Merge with Debian unstable (LP: #1751286). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/ in
    - Correct attribution and add explanatory note in d/NEWS.debian.
    - Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
      happened in Xenial, so no upgrade path still requires this code. This
      reduces upgrade ordering difficulty.
    - Adjust seddery for upstream test squid binary location.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - GCC7 FTBFS fixes (LP #1712668):
      + d/rules: don't error when hitting the "deprecated" and
       "format-truncation" gcc7 warnings. Upstream 3.5.27 has fixes for these,
       but one in that affects 32bit builds was deemed too intrusive
       for the 3.5 stable series and is only in squid 4.x
  * Dropped changes:
    - debian/patches/gcc7-squidpurge-4695.patch: GCC 7 build errors.
      Thanks to Lubos Uhliarik <email address hidden>.
      [Already applied upstream]
    - debian/patches/gcc7-assert-wants-boolean.patch: assert() takes a
      boolean.  Thanks to Amos Jeffries <email address hidden>
      [Already applied upstream]
    - SECURITY UPDATE: denial of service in ESI Response processing
      + debian/patches/CVE-2018-1000024.patch: make sure endofName never
        exceeds tagEnd in src/esi/
      + CVE-2018-1000024
        [Added in 3.5.27-1]
    - SECURITY UPDATE: denial of service in in HTTP Message processing
      + debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
        transactions without a client connection in
      + CVE-2018-1000027
        [Included in 3.5.27-1]
  * Added changes:
    - Do not force gcc-6

squid3 (3.5.27-1) unstable; urgency=high

  [ Amos Jeffries <email address hidden> ]
  * New Upstream Release

  * debian/{control,rules}
    - Add temporary dependency on gcc-6 and g++-6 to workaround FTBFS in

  * debian/patches/
    - Fix security issue SQUID-2018:1 (CVE-2016-1000024) (Closes: #888719)
    - Fix security issue SQUID-2018:2 (CVE-2016-1000027) (Closes: #888720)

  [ Luigi Gangitano <email address hidden> ]
  * debian/control
    - Changed priority to optional for squid3 and squid-dbg
    - Removed unneeded Build-Dep on autotools-dev

  * debian/rules
    - Include dpkg-architecture Makefile instead of invoking the binary at
      build time

  * debian/squid.postinst
    - Remove recursive chown calls

 -- Andreas Hasenack <email address hidden>  Tue, 27 Feb 2018 08:09:21 -0300

Available diffs


Built packages

Package files