Format: 1.8 Date: Wed, 19 Feb 2020 12:50:27 -0500 Source: squid3 Binary: squid3 squid squid-dbg squid-common squidclient squid-cgi squid-purge Architecture: armhf Version: 3.5.27-1ubuntu1.5 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: squid - Full featured Web Proxy cache (HTTP proxy) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-common - Full featured Web Proxy cache (HTTP proxy) - common files squid-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols squid-purge - Full featured Web Proxy cache (HTTP proxy) - control utility squid3 - Transitional package squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility Changes: squid3 (3.5.27-1ubuntu1.5) bionic-security; urgency=medium . * SECURITY UPDATE: info disclosure via FTP server - debian/patches/CVE-2019-12528.patch: fix FTP buffers handling in src/clients/FtpGateway.cc. - CVE-2019-12528 * SECURITY UPDATE: incorrect input validation and buffer management - debian/patches/CVE-2020-84xx-1.patch: ignore malformed Host header in intercept and reverse proxy mode in src/client_side.cc. - debian/patches/CVE-2020-84xx-2.patch: fix request URL generation in reverse proxy configurations in src/client_side.cc. - debian/patches/CVE-2020-84xx-3.patch: fix security patch in src/client_side.cc. - CVE-2020-8449 - CVE-2020-8450 * SECURITY UPDATE: DoS in NTLM authentication - debian/patches/CVE-2020-8517.patch: improved username handling in helpers/external_acl/LM_group/ext_lm_group_acl.cc. - CVE-2020-8517 Checksums-Sha1: ddf00be989b97ab753014c54b3b2bb5d6495e910 55920 squid-cgi_3.5.27-1ubuntu1.5_armhf.deb b73fff0a182c7af2309c6b90f238f1f02ee2aee3 21275968 squid-dbg_3.5.27-1ubuntu1.5_armhf.deb 3f5ec1019bf809d7a7ac6ebd955e53ba4088c898 50136 squid-purge_3.5.27-1ubuntu1.5_armhf.deb f686fef4f8d6ccd6e4d9bb2e15cad733e0cc3802 11215 squid3_3.5.27-1ubuntu1.5_armhf.buildinfo c9819c825f274cb3d53542a6bcf3797ab192d77d 2051140 squid_3.5.27-1ubuntu1.5_armhf.deb 93408d62061a003d16496f4c00b558ac88777646 58612 squidclient_3.5.27-1ubuntu1.5_armhf.deb Checksums-Sha256: 07731f622b5f47b8fd67dd71d32a365ef38495adba11ab46e1f609b5b4c16e0c 55920 squid-cgi_3.5.27-1ubuntu1.5_armhf.deb 8bfe1953166902a10b81cd88aa151c78ee81b11ceabc64bbd27e87897299e08b 21275968 squid-dbg_3.5.27-1ubuntu1.5_armhf.deb 60116b2a833853335ef7505fb629277ccae9035f4245e0be704f1593da9f08ee 50136 squid-purge_3.5.27-1ubuntu1.5_armhf.deb cd9fe75e8b93c75d5f3fed277d59c87861a77d5c76f67c0e7a1a5811826d2903 11215 squid3_3.5.27-1ubuntu1.5_armhf.buildinfo 8ca5525f233339045cccbb77c00daa2aa8dedc10fa0a398cc4d98b15e494141e 2051140 squid_3.5.27-1ubuntu1.5_armhf.deb 096f8afaf1d910962d7806fd8bffa5fb3d355e880fe26adc27fdec66a39e9226 58612 squidclient_3.5.27-1ubuntu1.5_armhf.deb Files: 8d4aa99ac5b5ab4322f250e6268c5159 55920 web optional squid-cgi_3.5.27-1ubuntu1.5_armhf.deb 6757e3acf12bc5a49bcd82882d97e91f 21275968 debug optional squid-dbg_3.5.27-1ubuntu1.5_armhf.deb 324337ad30f8d492ebfa529055064e40 50136 web optional squid-purge_3.5.27-1ubuntu1.5_armhf.deb 0afc66181dd6c361f19094175884603e 11215 web optional squid3_3.5.27-1ubuntu1.5_armhf.buildinfo 0b8782438ca1524b5806aa31beb9f09b 2051140 web optional squid_3.5.27-1ubuntu1.5_armhf.deb 516f3bde94296ced2b6ebfec15df6237 58612 web optional squidclient_3.5.27-1ubuntu1.5_armhf.deb Original-Maintainer: Luigi Gangitano