Format: 1.8
Date: Thu, 07 May 2020 10:05:12 -0400
Source: squid3
Binary: squid3 squid squid-dbg squid-common squidclient squid-cgi squid-purge
Architecture: amd64 all
Version: 3.5.12-1ubuntu7.11
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-021.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 squid      - Full featured Web Proxy cache (HTTP proxy)
 squid-cgi  - Full featured Web Proxy cache (HTTP proxy) - control CGI
 squid-common - Full featured Web Proxy cache (HTTP proxy) - common files
 squid-dbg  - Full featured Web Proxy cache (HTTP proxy) - Debug symbols
 squid-purge - Full featured Web Proxy cache (HTTP proxy) - control utility
 squid3     - Dummy transitional package.
 squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility
Changes:
 squid3 (3.5.12-1ubuntu7.11) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: multiple ESI issues
     - debian/patches/CVE-2019-12519_12521.patch: convert parse exceptions
       into 500 status response in src/esi/Context.h, src/esi/Esi.cc,
       src/esi/Esi.h, src/esi/Expression.cc.
     - CVE-2019-12519
     - CVE-2019-12521
   * SECURITY UPDATE: hostname parameter mishandling in cachemgr.cgi
     - debian/patches/CVE-2019-18860.patch: add validation for hostname
       parameter in src/base/CharacterSet.cc, tools/Makefile.am,
       tools/cachemgr.cc.
     - CVE-2019-18860
   * SECURITY UPDATE: Digest Authentication nonce replay issue
     - debian/patches/CVE-2020-11945.patch: fix auth digest refcount integer
       overflow in src/auth/digest/Config.cc.
     - CVE-2020-11945
Checksums-Sha1:
 36bd3b35c020417b676bc11a500e6e54074ed339 127524 squid-cgi-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 8f6b5ee46f1526436f6bf26a3c05f5815f7ce9a1 62022 squid-cgi_3.5.12-1ubuntu7.11_amd64.deb
 6ecb55bb3601e3c0cb27c6c590d871bc78d6e836 175460 squid-common_3.5.12-1ubuntu7.11_all.deb
 f01690036037bcf16ac8028b58e45d519cb827a4 11548240 squid-dbg_3.5.12-1ubuntu7.11_amd64.deb
 ff3335152e8ad25cff070799f5b2b737a141a0c3 11299928 squid-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 cb03f09e0ed35fdefe46774675138df1169fe99f 71984 squid-purge-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 70484678a9d13a57549f5316ace77a8aab5dc148 51280 squid-purge_3.5.12-1ubuntu7.11_amd64.deb
 501c34658d5d9c2947fe61daf736c31767858018 32268 squid3_3.5.12-1ubuntu7.11_all.deb
 69e95a8347f2d8cd1768365611ff92b29417c6f4 2319750 squid_3.5.12-1ubuntu7.11_amd64.deb
 1ca0d227ca8bab0a4cbd454cec9dc10c1d913528 143024 squidclient-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 c02d0b515dc7628e089e2cf47d10364bd7d27646 63178 squidclient_3.5.12-1ubuntu7.11_amd64.deb
Checksums-Sha256:
 edd351c1faaceeb4151036a13e560a470d9cfc5560555096587f0d3b4075999a 127524 squid-cgi-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 b18ca7372f8194f3dc03b049b15e0f55850dd876ebbf8a4794be392e125f39ae 62022 squid-cgi_3.5.12-1ubuntu7.11_amd64.deb
 a46c9194996aab7629da9d274e395d3149167387226d4567e59473397797ccde 175460 squid-common_3.5.12-1ubuntu7.11_all.deb
 44dca73ebf2b08ea5bc7ada27942c8cc5507b7728916fdd812402564c4957180 11548240 squid-dbg_3.5.12-1ubuntu7.11_amd64.deb
 32b612178a8494be2512c303777859d19b82b7085eb2db620954a87e77b118dc 11299928 squid-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 79c500a40aa18ebd57c85bce028b18d8e93a8e5c81e9da4a02523f4360dd2b87 71984 squid-purge-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 ccbba0811ad91831fbbaaea8a03ca8acadd1dd70ccab7cec21a7734fa33bcc75 51280 squid-purge_3.5.12-1ubuntu7.11_amd64.deb
 e91b84a3dd944d01bc801faea921c817998d554792405e2cfcf632589c46f0fc 32268 squid3_3.5.12-1ubuntu7.11_all.deb
 eff4f961458c837f65617c89925d18d5bd82f087ad81e5fa9a2e1f25b7a04566 2319750 squid_3.5.12-1ubuntu7.11_amd64.deb
 1bf8ae4d0483256876216d563de13fb6a17f20ecf44976902c43b5789666269f 143024 squidclient-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 1f7303dea6d882df979dfe35b45bd97fb8c0df1d9718ea2495828454fe5ffd6e 63178 squidclient_3.5.12-1ubuntu7.11_amd64.deb
Files:
 d768835c8aae0a56c17208d608f85e2d 127524 web extra squid-cgi-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 5d6b0c2ae657add6d7e3b785c986764a 62022 web optional squid-cgi_3.5.12-1ubuntu7.11_amd64.deb
 a0d417b926764c2763755478b014b511 175460 web optional squid-common_3.5.12-1ubuntu7.11_all.deb
 887c5ac8e78170c31e207d8e8d89a648 11548240 debug extra squid-dbg_3.5.12-1ubuntu7.11_amd64.deb
 05c5659db5d64ce30fa776e46ed919c3 11299928 web extra squid-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 ff49902126f9a8d839166406d3ae4f8c 71984 web extra squid-purge-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 914cafbd4fe39fcffb21708ddd53bd10 51280 web optional squid-purge_3.5.12-1ubuntu7.11_amd64.deb
 c862c80bf7097b291af290d7de577f79 32268 oldlibs extra squid3_3.5.12-1ubuntu7.11_all.deb
 3560bcc12fc0f5749133ac01a51fa860 2319750 web optional squid_3.5.12-1ubuntu7.11_amd64.deb
 239564d647035601a4a4406302fec889 143024 web extra squidclient-dbgsym_3.5.12-1ubuntu7.11_amd64.ddeb
 f8308e8d7e7fe67e0f441cbd2d6899f8 63178 web optional squidclient_3.5.12-1ubuntu7.11_amd64.deb
Original-Maintainer: Luigi Gangitano <luigi@debian.org>