Format: 1.8 Date: Tue, 25 Aug 2020 12:56:26 -0400 Source: squid Binary: squid squid-cgi squid-purge squidclient Architecture: s390x Version: 4.10-1ubuntu1.2 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: squid - Full featured Web Proxy cache (HTTP proxy) squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-purge - Full featured Web Proxy cache (HTTP proxy) - cache management uti squidclient - Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message util Changes: squid (4.10-1ubuntu1.2) focal-security; urgency=medium . * SECURITY UPDATE: HTTP Request Smuggling issue - debian/patches/CVE-2020-15810.patch: enforce token characters for field-name in src/HttpHeader.cc. - CVE-2020-15810 * SECURITY UPDATE: HTTP Request Splitting issue - debian/patches/CVE-2020-15811.patch: improve Transfer-Encoding handling in src/HttpHeader.cc, src/HttpHeader.h, src/client_side.cc, src/http.cc. - CVE-2020-15811 * SECURITY UPDATE: DoS via peer crafted Cache Digest response message - debian/patches/CVE-2020-24606.patch: fix livelocking in peerDigestHandleReply in src/peer_digest.cc. - CVE-2020-24606 Checksums-Sha1: 511a9ca27b54d46e16802e91cd3bba89c1e36e5d 274212 squid-cgi-dbgsym_4.10-1ubuntu1.2_s390x.ddeb 924aeb38550f1cc3dedd81a0d5d96d98b62f0aab 70780 squid-cgi_4.10-1ubuntu1.2_s390x.deb e5c7b25fcb30789deabd7ecf8e5d718e233d7226 33385984 squid-dbgsym_4.10-1ubuntu1.2_s390x.ddeb de619d3d4b5239b731e0b8b6f27e1b14fd4bb576 140380 squid-purge-dbgsym_4.10-1ubuntu1.2_s390x.ddeb c9ee8517344dbd3d995f01859f4d4a75b0cb53ae 61820 squid-purge_4.10-1ubuntu1.2_s390x.deb 5029d67e4038940f3e7977972500061932b65442 11028 squid_4.10-1ubuntu1.2_s390x.buildinfo 2ad6204248ae0eaaa726b726d8a2a4a32c78bb06 2273368 squid_4.10-1ubuntu1.2_s390x.deb d1bdca3d3d64604377bb7a6d86b5a7b140a31a62 310032 squidclient-dbgsym_4.10-1ubuntu1.2_s390x.ddeb 002c063fbc3da428c1cd9d4acf79ccc89bced745 73312 squidclient_4.10-1ubuntu1.2_s390x.deb Checksums-Sha256: 8a14a319f9b52299ff1a8f0603c1dcf0906afadc589cbad81446e021ad134b6a 274212 squid-cgi-dbgsym_4.10-1ubuntu1.2_s390x.ddeb 885137ffef6d0a942690f36b01e579487f32feed59db2afd581f9810b164cf88 70780 squid-cgi_4.10-1ubuntu1.2_s390x.deb 03a36b3671db087dc011cde5b48decd3fb28486c7f182a927ecd2c4e51087e1f 33385984 squid-dbgsym_4.10-1ubuntu1.2_s390x.ddeb 9ae6fa418684ea797aea4e5ca7bc555ef90af8287c3f7d34a9bc4b58fab259f9 140380 squid-purge-dbgsym_4.10-1ubuntu1.2_s390x.ddeb fcdeb485caeb0e54453bec69a1475e9cc67d2934eb1361a3b8d6edf2dd9871df 61820 squid-purge_4.10-1ubuntu1.2_s390x.deb 0c6f0044de4c4eaac98ae2191726526fb7f6fda6832ff309744bbb3155b29343 11028 squid_4.10-1ubuntu1.2_s390x.buildinfo 1a0829ac5d73e981e6755860a75a145f2b3e032595b8f8f3d15cf11ed502507c 2273368 squid_4.10-1ubuntu1.2_s390x.deb 9d49d541fb67f8d7f88c5349500005c09e1d5a83fc0e1c9e5d63490a7a2d4bdd 310032 squidclient-dbgsym_4.10-1ubuntu1.2_s390x.ddeb 228485891ba10a485a392bdbe73247254a09d3cbd5a3b471b2ec32472fd2bd26 73312 squidclient_4.10-1ubuntu1.2_s390x.deb Files: a2b2fbf24f5fbd2713b2a9bc9490a84d 274212 debug optional squid-cgi-dbgsym_4.10-1ubuntu1.2_s390x.ddeb 1589a294bdc297e86889d0f0d9015c51 70780 web optional squid-cgi_4.10-1ubuntu1.2_s390x.deb b09e188768f54cd938b6d14bdaad277d 33385984 debug optional squid-dbgsym_4.10-1ubuntu1.2_s390x.ddeb 49ffbeb4e5007fcba31954ca184a47ea 140380 debug optional squid-purge-dbgsym_4.10-1ubuntu1.2_s390x.ddeb b496e8d8bbef743eb37a52226c15b433 61820 web optional squid-purge_4.10-1ubuntu1.2_s390x.deb 591b71bc0525618ff28a680bdd5d20c1 11028 web optional squid_4.10-1ubuntu1.2_s390x.buildinfo 2b773db763f1894a21fca4878a599f7a 2273368 web optional squid_4.10-1ubuntu1.2_s390x.deb 41038c651e6df98969b30b1047497e3f 310032 debug optional squidclient-dbgsym_4.10-1ubuntu1.2_s390x.ddeb b48b7e4a40972fc435f94c567189317a 73312 web optional squidclient_4.10-1ubuntu1.2_s390x.deb Original-Maintainer: Luigi Gangitano