Ubuntu
squid package

squid 4.10-1ubuntu1 source package in Ubuntu

Changelog

squid (4.10-1ubuntu1) focal; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/usr.sbin.squid: Add sections for maas-proxy, squid-deb-proxy,
      squidguard
    - d/p/90-cf.data.ubuntu.patch: Add an example refresh pattern for debs.
    - Use snakeoil certificates:
      + d/control: add ssl-cert to dependencies
      + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
        to the default config file
    - d/rules: Add -Wno-format-truncation to CXXFLAGS as a workaround if
      building for ppc64el. On that arch, dpkg-buildflags sets -O3 instead of
      -O2 and that triggers a format-truncation error on pcon.cc. See
      See https://bugs.squid-cache.org/show_bug.cgi?id=4875
    - d/p/drop-sysctl_h.patch: no longer include sysctl.h as it was
      deprecated in glibc 2.30 (LP #1843325)
  * Dropped:
    - d/t/control, d/t/test-squid.py: remove gopher tests, as pygopherd is
      no longer available in Focal (LP: #1858827)
      [In 4.10-1, undocumented]
    - d/t/test-squid.py, d/t/squid: switch to python3
      [In 4.10-1, undocumented]
    - d/t/control: depend on python3-minimal
      [In 4.10-1, undocumented]
    - SECURITY UPDATE: info disclosure via FTP server
      + debian/patches/CVE-2019-12528.patch: fix FTP buffers handling in
        src/clients/FtpGateway.cc.
      + CVE-2019-12528
      [Fixed upstream]
    - SECURITY UPDATE: incorrect input validation and buffer management
      + debian/patches/CVE-2020-84xx.patch: fix request URL generation in
        reverse proxy configurations in src/client_side.cc.
      + CVE-2020-8449
      + CVE-2020-8450
      [Fixed upstream]
    - SECURITY UPDATE: DoS in NTLM authentication
      + debian/patches/CVE-2020-8517.patch: improved username handling in
        src/acl/external/LM_group/ext_lm_group_acl.cc.
      + CVE-2020-8517
      [Fixed upstream]

squid (4.10-1) unstable; urgency=high

  [ Amos Jeffries <email address hidden> ]
  * New Upstream Release (Closes: #950641)
    - Fixes security issue SQUID-2020:1 (CVE-2020-8449) (CVE-2020-8450)
      (Closes: #950802)
    - Fixes security issue SQUID-2020:2 (CVE-2019-12528) (Closes: #950925)
    - Fixes security issue SQUID-2020:3 (CVE-2020-8517)

  * debian/NEWS
    - Fix syntax to make lintian happier

  * debian/control
    - Bumped Standards-Version to 4.5.0, no change needed

  [ Luigi Gangitano <email address hidden> ]
  * debian/control
    - Drop squid3 transitional package (Closes: #940785)

 -- Andreas Hasenack <email address hidden>  Tue, 25 Feb 2020 15:37:55 -0300

Upload details

Uploaded by:
Andreas Hasenack
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
web
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Focal release main web

Downloads

File Size SHA-256 Checksum
squid_4.10.orig.tar.xz 2.3 MiB 98f0100afd8a42ea5f6b81eb98b0e4b36d7a54beab1c73d2f1705ab49b025f1f
squid_4.10-1ubuntu1.debian.tar.xz 42.7 KiB 9d3f10364389ccf6ce14b36051969ebbe74433dc3ef39c3e5b5897e78bcb1c59
squid_4.10-1ubuntu1.dsc 2.7 KiB 0017a4f5dd925a4ae6f0db5028f98d57bd676f33fa334fa4b793d9f8bda37fc9

Available diffs

View changes file

Binary packages built by this source

squid: Full featured Web Proxy cache (HTTP proxy)

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.

squid-cgi: Full featured Web Proxy cache (HTTP proxy) - control CGI

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.
 .
 This package contains a CGI program that can be used to query and administrate
 a `squid' proxy cache through a web browser.

squid-cgi-dbgsym: debug symbols for squid-cgi
squid-common: Full featured Web Proxy cache (HTTP proxy) - common files

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.
 .
 This package contains common files (MIB and icons)

squid-dbgsym: debug symbols for squid
squid-purge: No summary available for squid-purge in ubuntu groovy.

No description available for squid-purge in ubuntu groovy.

squid-purge-dbgsym: debug symbols for squid-purge
squidclient: Full featured Web Proxy cache (HTTP proxy) - HTTP(S) message utility

 Squid is a high-performance proxy caching server for web clients, supporting
 FTP, gopher, ICY and HTTP data objects.
 .
 This package contains a small utility that can be used to get URLs from the
 command line.

squidclient-dbgsym: debug symbols for squidclient