** Description changed:
- Scheduled-For: 23.01
Upstream: tbd
- Debian: 5.2-1
+ Debian: 5.2-1
Ubuntu: 4.13-10ubuntu5
-
Debian does new releases regularly, so it's likely there will be newer
versions available before FF that we can pick up if this merge is done
later in the cycle.
-
### New Debian Changes ###
squid (5.2-1) unstable; urgency=medium
- [ Amos Jeffries <amosjeffr...@squid-cache.org> ]
- * New Upstream Release (Closes: #986804, #976131)
- Fixes: CVE-2021-28116. Out-Of-Bounds memory access in WCCPv2
- Fixes: CVE-2021-41611. Improper Certificate Validation of TLS server
- certificates
+ [ Amos Jeffries <amosjeffr...@squid-cache.org> ]
+ * New Upstream Release (Closes: #986804, #976131)
+ Fixes: CVE-2021-28116. Out-Of-Bounds memory access in WCCPv2
+ Fixes: CVE-2021-41611. Improper Certificate Validation of TLS server
+ certificates
- [ L.P.H. van Belle <be...@bazuin.nl> ]
- * debian/rules
- - polish override_dh_installsystemd action to match other sequences
+ [ L.P.H. van Belle <be...@bazuin.nl> ]
+ * debian/rules
+ - polish override_dh_installsystemd action to match other sequences
- * debian/NEWS
- - bump version number to make Lintian happy
+ * debian/NEWS
+ - bump version number to make Lintian happy
- -- Luigi Gangitano <lu...@debian.org> Sat, 9 Oct 2021 17:03:54 +0200
+ -- Luigi Gangitano <lu...@debian.org> Sat, 9 Oct 2021 17:03:54 +0200
squid (5.1-2) unstable; urgency=medium
- [ Amos Jeffries <amosjeffr...@squid-cache.org> ]
- * New Upstream Release (Closes: #984351, #943692)
+ [ Amos Jeffries <amosjeffr...@squid-cache.org> ]
+ * New Upstream Release (Closes: #984351, #943692)
- * debian/control
- - switch build-dep to libtdb-dev. libdb is deprecated
- - Bumped Standards-Version to 4.6.0, no change needed
+ * debian/control
+ - switch build-dep to libtdb-dev. libdb is deprecated
+ - Bumped Standards-Version to 4.6.0, no change needed
- * debian/patches/
- - refresh patches for new version
- - fix 0001-Default-configuration-file-for-debian.patch (Closes: #970025)
- - add 0004-Change-default-Makefiles-for-debian.patch
- to fix FTBFS 'cp: cannot create regular file tests/stub_*.cc'
+ * debian/patches/
+ - refresh patches for new version
+ - fix 0001-Default-configuration-file-for-debian.patch (Closes: #970025)
+ - add 0004-Change-default-Makefiles-for-debian.patch
+ to fix FTBFS 'cp: cannot create regular file tests/stub_*.cc'
- * debian/rules
- - remove basic_nis_auth helper
+ * debian/rules
+ - remove basic_nis_auth helper
- * Drop squid3 upgrade compatibility. Debian has not contained
- a squid3 package for at least two full release cycles.
+ * Drop squid3 upgrade compatibility. Debian has not contained
+ a squid3 package for at least two full release cycles.
- -- Luigi Gangitano <lu...@debian.org> Fri, 17 Sep 2021 09:27:54 +0200
+ -- Luigi Gangitano <lu...@debian.org> Fri, 17 Sep 2021 09:27:54 +0200
squid (4.13-10) unstable; urgency=medium
- [ Francisco Vilmar Cardoso Ruviaro ]
- * Add debian/patches/0007-CVE-2021-28651.patch to fix a Denial
- of Service in URN processing. (Closes: #988893, CVE-2021-28651)
+ [ Francisco Vilmar Cardoso Ruviaro ]
+ * Add debian/patches/0007-CVE-2021-28651.patch to fix a Denial
+ of Service in URN processing. (Closes: #988893, CVE-2021-28651)
- [ Santiago Garcia Mantinan ]
- * Add patch to fix a Denial of Service in HTTP Response Processing.
- Fixes: CVE-2021-28662. Closes: #988891.
- * Add patch to fix a Denial of Service issue in Cache Manager.
- Fixes: CVE-2021-28652. Closes: #988892.
- * Add patch to fix Multiple Issues in HTTP Range header.
- Fixes: CVE-2021-31806 CVE-2021-31807 CVE-2021-31808. Closes: #989043.
- * Add patch to fix a Denial of Service in HTTP Response processing.
- Fixes: GHSA-572g-rvwr-6c7f.
+ [ Santiago Garcia Mantinan ]
+ * Add patch to fix a Denial of Service in HTTP Response Processing.
+ Fixes: CVE-2021-28662. Closes: #988891.
+ * Add patch to fix a Denial of Service issue in Cache Manager.
+ Fixes: CVE-2021-28652. Closes: #988892.
+ * Add patch to fix Multiple Issues in HTTP Range header.
+ Fixes: CVE-2021-31806 CVE-2021-31807 CVE-2021-31808. Closes: #989043.
+ * Add patch to fix a Denial of Service in HTTP Response processing.
+ Fixes: GHSA-572g-rvwr-6c7f.
- -- Santiago Garcia Mantinan <ma...@debian.org> Fri, 28 May 2021
+ -- Santiago Garcia Mantinan <ma...@debian.org> Fri, 28 May 2021
12:28:20 +0200
squid (4.13-9) unstable; urgency=medium
- * Clarify on NEWS and scripts that we no longer remove logs on purge.
- * Clarify on postrm script that the debhelper code was put manually.
- * Add README.Debian to squid-openssl.
+ * Clarify on NEWS and scripts that we no longer remove logs on purge.
+ * Clarify on postrm script that the debhelper code was put manually.
+ * Add README.Debian to squid-openssl.
- -- Santiago Garcia Mantinan <ma...@debian.org> Tue, 23 Mar 2021
+ -- Santiago Garcia Mantinan <ma...@debian.org> Tue, 23 Mar 2021
00:18:11 +0100
squid (4.13-8) unstable; urgency=medium
- * Add SQUID-2020_11.patch to fix HTTP Request Smuggling.
- Fixes: CVE-2020-25097. Closes: #985068.
+ * Add SQUID-2020_11.patch to fix HTTP Request Smuggling.
+ Fixes: CVE-2020-25097. Closes: #985068.
- -- Santiago Garcia Mantinan <ma...@debian.org> Sun, 21 Mar 2021
+ -- Santiago Garcia Mantinan <ma...@debian.org> Sun, 21 Mar 2021
00:58:29 +0100
squid (4.13-7) unstable; urgency=medium
- * Add full postrm scripts while we don't solve #984897 on debhelper.
- Closes: #984880.
+ * Add full postrm scripts while we don't solve #984897 on debhelper.
+ Closes: #984880.
- -- Santiago Garcia Mantinan <ma...@debian.org> Wed, 10 Mar 2021
+ -- Santiago Garcia Mantinan <ma...@debian.org> Wed, 10 Mar 2021
09:19:32 +0100
squid (4.13-6) unstable; urgency=medium
- * Stop removing cache and config file on postrm. Closes: #984510.
- * Increase debhelper build dependency to 12.8 as we need that from -5.
- * Add NEWS note on the problem with purge on previous versions.
+ * Stop removing cache and config file on postrm. Closes: #984510.
+ * Increase debhelper build dependency to 12.8 as we need that from -5.
+ * Add NEWS note on the problem with purge on previous versions.
- -- Santiago Garcia Mantinan <ma...@debian.org> Thu, 04 Mar 2021
+ -- Santiago Garcia Mantinan <ma...@debian.org> Thu, 04 Mar 2021
14:45:00 +0100
squid (4.13-5) unstable; urgency=high
- * Have a deeper look and change all dpkg-buildpackage commands
- for similar dh ones. At least at home it works now.
+ * Have a deeper look and change all dpkg-buildpackage commands
+ for similar dh ones. At least at home it works now.
- -- Santiago Garcia Mantinan <ma...@debian.org> Mon, 08 Feb 2021
+ -- Santiago Garcia Mantinan <ma...@debian.org> Mon, 08 Feb 2021
21:35:48 +0100
squid (4.13-4) unstable; urgency=high
- * Remove pre-build from upstream-test-suite.
+ * Remove pre-build from upstream-test-suite.
- -- Santiago Garcia Mantinan <ma...@debian.org> Mon, 08 Feb 2021
+ -- Santiago Garcia Mantinan <ma...@debian.org> Mon, 08 Feb 2021
09:26:25 +0100
-
### Old Ubuntu Delta ###
squid (4.13-10ubuntu5) impish; urgency=medium
- * SECURITY UPDATE: information disclosure via OOB read in WCCP protocol
- - debian/patches/CVE-2021-28116.patch: validate packets better in
- src/wccp2.cc.
- - CVE-2021-28116
+ * SECURITY UPDATE: information disclosure via OOB read in WCCP protocol
+ - debian/patches/CVE-2021-28116.patch: validate packets better in
+ src/wccp2.cc.
+ - CVE-2021-28116
- -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Mon, 04 Oct 2021
+ -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Mon, 04 Oct 2021
08:20:07 -0400
squid (4.13-10ubuntu4) impish; urgency=medium
- * Fix FTBFS with GCC 11 (LP: #1939352)
- - d/p/add-missing-limits-include-connmark.patch: Add missing
- <limits> include to src/acl/ConnMark.cc.
- - d/p/fix-max-pkt-sz-for-icmpEchoData-padding.patch.patch: Expand
- MAX_PKT{4,6}_SZ to accomodate for icmp{,6_}hdr.
- - d/p/replace-cbdata-offset-hack-with-offsetof.patch: Replace
- cbdata::Offset hack with offsetof().
- - d/p/workaround-gcc11-wstringop-overread-bug.patch: Workaround
- GCC 11 -Wstringop-overread bug.
+ * Fix FTBFS with GCC 11 (LP: #1939352)
+ - d/p/add-missing-limits-include-connmark.patch: Add missing
+ <limits> include to src/acl/ConnMark.cc.
+ - d/p/fix-max-pkt-sz-for-icmpEchoData-padding.patch.patch: Expand
+ MAX_PKT{4,6}_SZ to accomodate for icmp{,6_}hdr.
+ - d/p/replace-cbdata-offset-hack-with-offsetof.patch: Replace
+ cbdata::Offset hack with offsetof().
+ - d/p/workaround-gcc11-wstringop-overread-bug.patch: Workaround
+ GCC 11 -Wstringop-overread bug.
- -- Sergio Durigan Junior <sergio.duri...@canonical.com> Fri, 20 Aug
+ -- Sergio Durigan Junior <sergio.duri...@canonical.com> Fri, 20 Aug
2021 00:19:41 -0400
squid (4.13-10ubuntu3) impish; urgency=medium
- * Fix failure to build on RISC-V (LP: #1934891)
+ * Fix failure to build on RISC-V (LP: #1934891)
- -- Heinrich Schuchardt <heinrich.schucha...@canonical.com> Wed, 07 Jul
+ -- Heinrich Schuchardt <heinrich.schucha...@canonical.com> Wed, 07 Jul
2021 14:11:51 +0200
squid (4.13-10ubuntu2) impish; urgency=medium
- * No-change rebuild due to OpenLDAP soname bump.
+ * No-change rebuild due to OpenLDAP soname bump.
- -- Sergio Durigan Junior <sergio.duri...@canonical.com> Mon, 21 Jun
+ -- Sergio Durigan Junior <sergio.duri...@canonical.com> Mon, 21 Jun
2021 18:09:05 -0400
squid (4.13-10ubuntu1) impish; urgency=medium
- * Merge with Debian unstable. Remaining changes:
- - d/usr.sbin.squid: Add sections for squid-deb-proxy and
- squidguard
- - d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
- packaging
- - Use snakeoil certificates:
- + d/control: add ssl-cert to dependencies
- + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
- to the default config file
- - d/rules, d/NEWS: drop the NIS basic auth helper (LP: #1895694)
- - d/p/0008-Fix-free-nonheap-object-warning-error-on-snmp_core.c.patch:
- Fix call to free on nonheap-object in snmpCreateOidFromStr
+ * Merge with Debian unstable. Remaining changes:
+ - d/usr.sbin.squid: Add sections for squid-deb-proxy and
+ squidguard
+ - d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
+ packaging
+ - Use snakeoil certificates:
+ + d/control: add ssl-cert to dependencies
+ + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
+ to the default config file
+ - d/rules, d/NEWS: drop the NIS basic auth helper (LP: #1895694)
+ - d/p/0008-Fix-free-nonheap-object-warning-error-on-snmp_core.c.patch:
+ Fix call to free on nonheap-object in snmpCreateOidFromStr
- -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Fri, 04 Jun 2021
+ -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Fri, 04 Jun 2021
12:49:43 -0400
** Changed in: squid (Ubuntu)
Milestone: None => ubuntu-22.01
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1946903
Title:
Merge squid from Debian unstable for 22.04
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid/+bug/1946903/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
