Publishing details

Created on 2020-02-26 by Ubuntu Archive Auto-Sync
Published on 2020-02-26

Changelog

squid (4.10-1ubuntu1) focal; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/usr.sbin.squid: Add sections for maas-proxy, squid-deb-proxy,
      squidguard
    - d/p/90-cf.data.ubuntu.patch: Add an example refresh pattern for debs.
    - Use snakeoil certificates:
      + d/control: add ssl-cert to dependencies
      + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
        to the default config file
    - d/rules: Add -Wno-format-truncation to CXXFLAGS as a workaround if
      building for ppc64el. On that arch, dpkg-buildflags sets -O3 instead of
      -O2 and that triggers a format-truncation error on pcon.cc. See
      See https://bugs.squid-cache.org/show_bug.cgi?id=4875
    - d/p/drop-sysctl_h.patch: no longer include sysctl.h as it was
      deprecated in glibc 2.30 (LP #1843325)
  * Dropped:
    - d/t/control, d/t/test-squid.py: remove gopher tests, as pygopherd is
      no longer available in Focal (LP: #1858827)
      [In 4.10-1, undocumented]
    - d/t/test-squid.py, d/t/squid: switch to python3
      [In 4.10-1, undocumented]
    - d/t/control: depend on python3-minimal
      [In 4.10-1, undocumented]
    - SECURITY UPDATE: info disclosure via FTP server
      + debian/patches/CVE-2019-12528.patch: fix FTP buffers handling in
        src/clients/FtpGateway.cc.
      + CVE-2019-12528
      [Fixed upstream]
    - SECURITY UPDATE: incorrect input validation and buffer management
      + debian/patches/CVE-2020-84xx.patch: fix request URL generation in
        reverse proxy configurations in src/client_side.cc.
      + CVE-2020-8449
      + CVE-2020-8450
      [Fixed upstream]
    - SECURITY UPDATE: DoS in NTLM authentication
      + debian/patches/CVE-2020-8517.patch: improved username handling in
        src/acl/external/LM_group/ext_lm_group_acl.cc.
      + CVE-2020-8517
      [Fixed upstream]

squid (4.10-1) unstable; urgency=high

  [ Amos Jeffries <email address hidden> ]
  * New Upstream Release (Closes: #950641)
    - Fixes security issue SQUID-2020:1 (CVE-2020-8449) (CVE-2020-8450)
      (Closes: #950802)
    - Fixes security issue SQUID-2020:2 (CVE-2019-12528) (Closes: #950925)
    - Fixes security issue SQUID-2020:3 (CVE-2020-8517)

  * debian/NEWS
    - Fix syntax to make lintian happier

  * debian/control
    - Bumped Standards-Version to 4.5.0, no change needed

  [ Luigi Gangitano <email address hidden> ]
  * debian/control
    - Drop squid3 transitional package (Closes: #940785)

 -- Andreas Hasenack <email address hidden>  Tue, 25 Feb 2020 15:37:55 -0300

Available diffs

diff from 4.9-2ubuntu4 to 4.10-1ubuntu1 (98.7 KiB)

Builds

Built packages

squid Full featured Web Proxy cache (HTTP proxy)

squid-cgi Full featured Web Proxy cache (HTTP proxy) - control CGI

squid-cgi-dbgsym debug symbols for squid-cgi

squid-common Full featured Web Proxy cache (HTTP proxy) - common files

squid-dbgsym debug symbols for squid

squid-purge Full featured Web Proxy cache (HTTP proxy) - cache management utility

squid-purge-dbgsym debug symbols for squid-purge

squidclient Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message utility

squidclient-dbgsym debug symbols for squidclient

Package files

squid-cgi-dbgsym_4.10-1ubuntu1_amd64.ddeb (264.0 KiB)
squid-cgi-dbgsym_4.10-1ubuntu1_arm64.ddeb (262.4 KiB)
squid-cgi-dbgsym_4.10-1ubuntu1_armhf.ddeb (257.1 KiB)
squid-cgi-dbgsym_4.10-1ubuntu1_ppc64el.ddeb (270.9 KiB)
squid-cgi-dbgsym_4.10-1ubuntu1_s390x.ddeb (268.4 KiB)
squid-cgi_4.10-1ubuntu1_amd64.deb (70.8 KiB)
squid-cgi_4.10-1ubuntu1_arm64.deb (68.3 KiB)
squid-cgi_4.10-1ubuntu1_armhf.deb (66.0 KiB)
squid-cgi_4.10-1ubuntu1_ppc64el.deb (74.0 KiB)
squid-cgi_4.10-1ubuntu1_s390x.deb (68.8 KiB)
squid-common_4.10-1ubuntu1_all.deb (189.0 KiB)
squid-dbgsym_4.10-1ubuntu1_amd64.ddeb (31.2 MiB)
squid-dbgsym_4.10-1ubuntu1_arm64.ddeb (30.8 MiB)
squid-dbgsym_4.10-1ubuntu1_armhf.ddeb (30.5 MiB)
squid-dbgsym_4.10-1ubuntu1_ppc64el.ddeb (31.6 MiB)
squid-dbgsym_4.10-1ubuntu1_s390x.ddeb (31.8 MiB)
squid-purge-dbgsym_4.10-1ubuntu1_amd64.ddeb (134.0 KiB)
squid-purge-dbgsym_4.10-1ubuntu1_arm64.ddeb (134.8 KiB)
squid-purge-dbgsym_4.10-1ubuntu1_armhf.ddeb (133.4 KiB)
squid-purge-dbgsym_4.10-1ubuntu1_ppc64el.ddeb (138.4 KiB)
squid-purge-dbgsym_4.10-1ubuntu1_s390x.ddeb (137.7 KiB)
squid-purge_4.10-1ubuntu1_amd64.deb (60.8 KiB)
squid-purge_4.10-1ubuntu1_arm64.deb (59.4 KiB)
squid-purge_4.10-1ubuntu1_armhf.deb (58.7 KiB)
squid-purge_4.10-1ubuntu1_ppc64el.deb (61.7 KiB)
squid-purge_4.10-1ubuntu1_s390x.deb (60.0 KiB)
squid_4.10-1ubuntu1.debian.tar.xz (42.7 KiB)
squid_4.10-1ubuntu1.dsc (2.7 KiB)
squid_4.10-1ubuntu1_amd64.deb (2.4 MiB)
squid_4.10-1ubuntu1_arm64.deb (2.2 MiB)
squid_4.10-1ubuntu1_armhf.deb (2.2 MiB)
squid_4.10-1ubuntu1_ppc64el.deb (2.4 MiB)
squid_4.10-1ubuntu1_s390x.deb (2.2 MiB)
squid_4.10.orig.tar.xz (2.3 MiB)
squidclient-dbgsym_4.10-1ubuntu1_amd64.ddeb (303.4 KiB)
squidclient-dbgsym_4.10-1ubuntu1_arm64.ddeb (301.3 KiB)
squidclient-dbgsym_4.10-1ubuntu1_armhf.ddeb (297.4 KiB)
squidclient-dbgsym_4.10-1ubuntu1_ppc64el.ddeb (305.2 KiB)
squidclient-dbgsym_4.10-1ubuntu1_s390x.ddeb (303.3 KiB)
squidclient_4.10-1ubuntu1_amd64.deb (73.4 KiB)
squidclient_4.10-1ubuntu1_arm64.deb (70.1 KiB)
squidclient_4.10-1ubuntu1_armhf.deb (68.1 KiB)
squidclient_4.10-1ubuntu1_ppc64el.deb (73.2 KiB)
squidclient_4.10-1ubuntu1_s390x.deb (71.3 KiB)