Format: 1.8 Date: Tue, 25 Aug 2020 12:56:26 -0400 Source: squid Binary: squid squid-cgi squid-purge squidclient Architecture: ppc64el Version: 4.10-1ubuntu1.2 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: squid - Full featured Web Proxy cache (HTTP proxy) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util Changes: squid (4.10-1ubuntu1.2) focal-security; urgency=medium . * SECURITY UPDATE: HTTP Request Smuggling issue - debian/patches/CVE-2020-15810.patch: enforce token characters for field-name in src/HttpHeader.cc. - CVE-2020-15810 * SECURITY UPDATE: HTTP Request Splitting issue - debian/patches/CVE-2020-15811.patch: improve Transfer-Encoding handling in src/HttpHeader.cc, src/HttpHeader.h, src/client_side.cc, src/http.cc. - CVE-2020-15811 * SECURITY UPDATE: DoS via peer crafted Cache Digest response message - debian/patches/CVE-2020-24606.patch: fix livelocking in peerDigestHandleReply in src/peer_digest.cc. - CVE-2020-24606 Checksums-Sha1: 473e7df78adfc3c984416c1dcc418bd359adebcc 276964 squid-cgi-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb e57391f835a3f25144ddcef4276d487fec028d4e 76096 squid-cgi_4.10-1ubuntu1.2_ppc64el.deb 93295005a9357280c11279d392c2b5441ee197ce 33128280 squid-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb 42bcfee5fcb5ff2a46b3b933cca49998ade3bc18 141120 squid-purge-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb bf792835206807e2f09a75b3811afdae92284702 63532 squid-purge_4.10-1ubuntu1.2_ppc64el.deb 7aae9cf285e56bde0f78ce437b48cf8f7bc93960 11198 squid_4.10-1ubuntu1.2_ppc64el.buildinfo 290ceefe3cad0a29f3ef7b2c0138fbedbd53d52f 2547148 squid_4.10-1ubuntu1.2_ppc64el.deb c8889f69a3a214b125e4b6f8a0101f9c7072ba14 311952 squidclient-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb 6044099f331f017237fe6040c645ff7944474544 75228 squidclient_4.10-1ubuntu1.2_ppc64el.deb Checksums-Sha256: be17331120792836ebcd4b0182d61b2ee3b3fc7f3d039c26007b4d4acdf70285 276964 squid-cgi-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb 9aaf909dfda521644794d2b93b2097b8ffccafedb6e4cb822f70ba3c2d4cb0d9 76096 squid-cgi_4.10-1ubuntu1.2_ppc64el.deb d0e3dd372ce1c4011ef58c316bab46d2395364bcc631c73c1470dea923c31f66 33128280 squid-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb 7147bd1035e7ff8f623e56399d7a4912c22a3ba2acd529a53128ff9373e8b37a 141120 squid-purge-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb 5f1f01a979f328064b0640eb900b3ea5c8ae7d8e3ca5b8aab4ff2e5de7d24b0f 63532 squid-purge_4.10-1ubuntu1.2_ppc64el.deb 55739e32ac1c29dd3cfc9ffabbe472b33758477a9ca68174894acc3d08e39ff6 11198 squid_4.10-1ubuntu1.2_ppc64el.buildinfo e2e8e66e14f63f793145cc561afb10eef8e911d28b3edd86295809cf5bab9a98 2547148 squid_4.10-1ubuntu1.2_ppc64el.deb abf117bccdd1688e88715fe5f1cb1008f4d46ea4bb27b51e676f9966a413bd20 311952 squidclient-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb c6a09c39de80cb6cf1a4540cc696111addf5129bb3f077b503eafa30c0471c50 75228 squidclient_4.10-1ubuntu1.2_ppc64el.deb Files: e9526291a76789b8875dd8fe8d4518fd 276964 debug optional squid-cgi-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb 30347dc2aa51a0f2ba08338a40758357 76096 web optional squid-cgi_4.10-1ubuntu1.2_ppc64el.deb 8cd0b149162a607c4adfc80dcdf5b13f 33128280 debug optional squid-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb 978682715764a421c8f894ef1320c313 141120 debug optional squid-purge-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb 6ff5324ef1d3d36af1b9a777e840cde5 63532 web optional squid-purge_4.10-1ubuntu1.2_ppc64el.deb 59ab0d503c9b50fffaf16d92d696deae 11198 web optional squid_4.10-1ubuntu1.2_ppc64el.buildinfo 1b432d8e6d2e5de4852ce5444929a3df 2547148 web optional squid_4.10-1ubuntu1.2_ppc64el.deb f7e99f6a16d0f04a3d3b9893e0831710 311952 debug optional squidclient-dbgsym_4.10-1ubuntu1.2_ppc64el.ddeb 723c1cf9704c1cf5152f0bcd5fcaa3cc 75228 web optional squidclient_4.10-1ubuntu1.2_ppc64el.deb Original-Maintainer: Luigi Gangitano