[Bug 1946903] Re: Merge squid from Debian unstable for 22.04

[Bryce Harrington]

** Description changed:

- Scheduled-For: 23.01
  Upstream: tbd
- Debian:   5.2-1    
+ Debian:   5.2-1
  Ubuntu:   4.13-10ubuntu5
- 
  
  Debian does new releases regularly, so it's likely there will be newer
  versions available before FF that we can pick up if this merge is done
  later in the cycle.
  
- 
  ### New Debian Changes ###
  
  squid (5.2-1) unstable; urgency=medium
  
-   [ Amos Jeffries <amosjeffr...@squid-cache.org> ]
-   * New Upstream Release (Closes: #986804, #976131)
-     Fixes: CVE-2021-28116. Out-Of-Bounds memory access in WCCPv2
-     Fixes: CVE-2021-41611. Improper Certificate Validation of TLS server
-     certificates
+   [ Amos Jeffries <amosjeffr...@squid-cache.org> ]
+   * New Upstream Release (Closes: #986804, #976131)
+     Fixes: CVE-2021-28116. Out-Of-Bounds memory access in WCCPv2
+     Fixes: CVE-2021-41611. Improper Certificate Validation of TLS server
+     certificates
  
-   [ L.P.H. van Belle <be...@bazuin.nl> ]
-   * debian/rules
-     - polish override_dh_installsystemd action to match other sequences
+   [ L.P.H. van Belle <be...@bazuin.nl> ]
+   * debian/rules
+     - polish override_dh_installsystemd action to match other sequences
  
-   * debian/NEWS
-     - bump version number to make Lintian happy
+   * debian/NEWS
+     - bump version number to make Lintian happy
  
-  -- Luigi Gangitano <lu...@debian.org>  Sat,  9 Oct 2021 17:03:54 +0200
+  -- Luigi Gangitano <lu...@debian.org>  Sat,  9 Oct 2021 17:03:54 +0200
  
  squid (5.1-2) unstable; urgency=medium
  
-   [ Amos Jeffries <amosjeffr...@squid-cache.org> ]
-   * New Upstream Release (Closes: #984351, #943692)
+   [ Amos Jeffries <amosjeffr...@squid-cache.org> ]
+   * New Upstream Release (Closes: #984351, #943692)
  
-   * debian/control
-     - switch build-dep to libtdb-dev. libdb is deprecated
-     - Bumped Standards-Version to 4.6.0, no change needed
+   * debian/control
+     - switch build-dep to libtdb-dev. libdb is deprecated
+     - Bumped Standards-Version to 4.6.0, no change needed
  
-   * debian/patches/
-     - refresh patches for new version
-     - fix 0001-Default-configuration-file-for-debian.patch (Closes: #970025)
-     - add 0004-Change-default-Makefiles-for-debian.patch
-       to fix FTBFS 'cp: cannot create regular file tests/stub_*.cc'
+   * debian/patches/
+     - refresh patches for new version
+     - fix 0001-Default-configuration-file-for-debian.patch (Closes: #970025)
+     - add 0004-Change-default-Makefiles-for-debian.patch
+       to fix FTBFS 'cp: cannot create regular file tests/stub_*.cc'
  
-   * debian/rules
-     - remove basic_nis_auth helper
+   * debian/rules
+     - remove basic_nis_auth helper
  
-   * Drop squid3 upgrade compatibility. Debian has not contained
-     a squid3 package for at least two full release cycles.
+   * Drop squid3 upgrade compatibility. Debian has not contained
+     a squid3 package for at least two full release cycles.
  
-  -- Luigi Gangitano <lu...@debian.org>  Fri, 17 Sep 2021 09:27:54 +0200
+  -- Luigi Gangitano <lu...@debian.org>  Fri, 17 Sep 2021 09:27:54 +0200
  
  squid (4.13-10) unstable; urgency=medium
  
-   [ Francisco Vilmar Cardoso Ruviaro ]
-   * Add debian/patches/0007-CVE-2021-28651.patch to fix a Denial
-     of Service in URN processing. (Closes: #988893, CVE-2021-28651)
+   [ Francisco Vilmar Cardoso Ruviaro ]
+   * Add debian/patches/0007-CVE-2021-28651.patch to fix a Denial
+     of Service in URN processing. (Closes: #988893, CVE-2021-28651)
  
-   [ Santiago Garcia Mantinan ]
-   * Add patch to fix a Denial of Service in HTTP Response Processing.
-     Fixes: CVE-2021-28662. Closes: #988891.
-   * Add patch to fix a Denial of Service issue in Cache Manager.
-     Fixes: CVE-2021-28652. Closes: #988892.
-   * Add patch to fix Multiple Issues in HTTP Range header.
-     Fixes: CVE-2021-31806 CVE-2021-31807 CVE-2021-31808. Closes: #989043.
-   * Add patch to fix a Denial of Service in HTTP Response processing.
-     Fixes: GHSA-572g-rvwr-6c7f.
+   [ Santiago Garcia Mantinan ]
+   * Add patch to fix a Denial of Service in HTTP Response Processing.
+     Fixes: CVE-2021-28662. Closes: #988891.
+   * Add patch to fix a Denial of Service issue in Cache Manager.
+     Fixes: CVE-2021-28652. Closes: #988892.
+   * Add patch to fix Multiple Issues in HTTP Range header.
+     Fixes: CVE-2021-31806 CVE-2021-31807 CVE-2021-31808. Closes: #989043.
+   * Add patch to fix a Denial of Service in HTTP Response processing.
+     Fixes: GHSA-572g-rvwr-6c7f.
  
-  -- Santiago Garcia Mantinan <ma...@debian.org>  Fri, 28 May 2021
+  -- Santiago Garcia Mantinan <ma...@debian.org>  Fri, 28 May 2021
  12:28:20 +0200
  
  squid (4.13-9) unstable; urgency=medium
  
-   * Clarify on NEWS and scripts that we no longer remove logs on purge.
-   * Clarify on postrm script that the debhelper code was put manually.
-   * Add README.Debian to squid-openssl.
+   * Clarify on NEWS and scripts that we no longer remove logs on purge.
+   * Clarify on postrm script that the debhelper code was put manually.
+   * Add README.Debian to squid-openssl.
  
-  -- Santiago Garcia Mantinan <ma...@debian.org>  Tue, 23 Mar 2021
+  -- Santiago Garcia Mantinan <ma...@debian.org>  Tue, 23 Mar 2021
  00:18:11 +0100
  
  squid (4.13-8) unstable; urgency=medium
  
-   * Add SQUID-2020_11.patch to fix HTTP Request Smuggling.
-     Fixes: CVE-2020-25097. Closes: #985068.
+   * Add SQUID-2020_11.patch to fix HTTP Request Smuggling.
+     Fixes: CVE-2020-25097. Closes: #985068.
  
-  -- Santiago Garcia Mantinan <ma...@debian.org>  Sun, 21 Mar 2021
+  -- Santiago Garcia Mantinan <ma...@debian.org>  Sun, 21 Mar 2021
  00:58:29 +0100
  
  squid (4.13-7) unstable; urgency=medium
  
-   * Add full postrm scripts while we don't solve #984897 on debhelper.
-     Closes: #984880.
+   * Add full postrm scripts while we don't solve #984897 on debhelper.
+     Closes: #984880.
  
-  -- Santiago Garcia Mantinan <ma...@debian.org>  Wed, 10 Mar 2021
+  -- Santiago Garcia Mantinan <ma...@debian.org>  Wed, 10 Mar 2021
  09:19:32 +0100
  
  squid (4.13-6) unstable; urgency=medium
  
-   * Stop removing cache and config file on postrm. Closes: #984510.
-   * Increase debhelper build dependency to 12.8 as we need that from -5.
-   * Add NEWS note on the problem with purge on previous versions.
+   * Stop removing cache and config file on postrm. Closes: #984510.
+   * Increase debhelper build dependency to 12.8 as we need that from -5.
+   * Add NEWS note on the problem with purge on previous versions.
  
-  -- Santiago Garcia Mantinan <ma...@debian.org>  Thu, 04 Mar 2021
+  -- Santiago Garcia Mantinan <ma...@debian.org>  Thu, 04 Mar 2021
  14:45:00 +0100
  
  squid (4.13-5) unstable; urgency=high
  
-   * Have a deeper look and change all dpkg-buildpackage commands
-     for similar dh ones. At least at home it works now.
+   * Have a deeper look and change all dpkg-buildpackage commands
+     for similar dh ones. At least at home it works now.
  
-  -- Santiago Garcia Mantinan <ma...@debian.org>  Mon, 08 Feb 2021
+  -- Santiago Garcia Mantinan <ma...@debian.org>  Mon, 08 Feb 2021
  21:35:48 +0100
  
  squid (4.13-4) unstable; urgency=high
  
-   * Remove pre-build from upstream-test-suite.
+   * Remove pre-build from upstream-test-suite.
  
-  -- Santiago Garcia Mantinan <ma...@debian.org>  Mon, 08 Feb 2021
+  -- Santiago Garcia Mantinan <ma...@debian.org>  Mon, 08 Feb 2021
  09:26:25 +0100
- 
  
  ### Old Ubuntu Delta ###
  
  squid (4.13-10ubuntu5) impish; urgency=medium
  
-   * SECURITY UPDATE: information disclosure via OOB read in WCCP protocol
-     - debian/patches/CVE-2021-28116.patch: validate packets better in
-       src/wccp2.cc.
-     - CVE-2021-28116
+   * SECURITY UPDATE: information disclosure via OOB read in WCCP protocol
+     - debian/patches/CVE-2021-28116.patch: validate packets better in
+       src/wccp2.cc.
+     - CVE-2021-28116
  
-  -- Marc Deslauriers <marc.deslauri...@ubuntu.com>  Mon, 04 Oct 2021
+  -- Marc Deslauriers <marc.deslauri...@ubuntu.com>  Mon, 04 Oct 2021
  08:20:07 -0400
  
  squid (4.13-10ubuntu4) impish; urgency=medium
  
-   * Fix FTBFS with GCC 11 (LP: #1939352)
-     - d/p/add-missing-limits-include-connmark.patch: Add missing
-       <limits> include to src/acl/ConnMark.cc.
-     - d/p/fix-max-pkt-sz-for-icmpEchoData-padding.patch.patch: Expand
-       MAX_PKT{4,6}_SZ to accomodate for icmp{,6_}hdr.
-     - d/p/replace-cbdata-offset-hack-with-offsetof.patch: Replace
-       cbdata::Offset hack with offsetof().
-     - d/p/workaround-gcc11-wstringop-overread-bug.patch: Workaround
-       GCC 11 -Wstringop-overread bug.
+   * Fix FTBFS with GCC 11 (LP: #1939352)
+     - d/p/add-missing-limits-include-connmark.patch: Add missing
+       <limits> include to src/acl/ConnMark.cc.
+     - d/p/fix-max-pkt-sz-for-icmpEchoData-padding.patch.patch: Expand
+       MAX_PKT{4,6}_SZ to accomodate for icmp{,6_}hdr.
+     - d/p/replace-cbdata-offset-hack-with-offsetof.patch: Replace
+       cbdata::Offset hack with offsetof().
+     - d/p/workaround-gcc11-wstringop-overread-bug.patch: Workaround
+       GCC 11 -Wstringop-overread bug.
  
-  -- Sergio Durigan Junior <sergio.duri...@canonical.com>  Fri, 20 Aug
+  -- Sergio Durigan Junior <sergio.duri...@canonical.com>  Fri, 20 Aug
  2021 00:19:41 -0400
  
  squid (4.13-10ubuntu3) impish; urgency=medium
  
-   * Fix failure to build on RISC-V (LP: #1934891)
+   * Fix failure to build on RISC-V (LP: #1934891)
  
-  -- Heinrich Schuchardt <heinrich.schucha...@canonical.com>  Wed, 07 Jul
+  -- Heinrich Schuchardt <heinrich.schucha...@canonical.com>  Wed, 07 Jul
  2021 14:11:51 +0200
  
  squid (4.13-10ubuntu2) impish; urgency=medium
  
-   * No-change rebuild due to OpenLDAP soname bump.
+   * No-change rebuild due to OpenLDAP soname bump.
  
-  -- Sergio Durigan Junior <sergio.duri...@canonical.com>  Mon, 21 Jun
+  -- Sergio Durigan Junior <sergio.duri...@canonical.com>  Mon, 21 Jun
  2021 18:09:05 -0400
  
  squid (4.13-10ubuntu1) impish; urgency=medium
  
-   * Merge with Debian unstable. Remaining changes:
-     - d/usr.sbin.squid: Add sections for squid-deb-proxy and
-       squidguard
-     - d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
-       packaging
-     - Use snakeoil certificates:
-       + d/control: add ssl-cert to dependencies
-       + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
-         to the default config file
-     - d/rules, d/NEWS: drop the NIS basic auth helper (LP: #1895694)
-     - d/p/0008-Fix-free-nonheap-object-warning-error-on-snmp_core.c.patch:
-       Fix call to free on nonheap-object in snmpCreateOidFromStr
+   * Merge with Debian unstable. Remaining changes:
+     - d/usr.sbin.squid: Add sections for squid-deb-proxy and
+       squidguard
+     - d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
+       packaging
+     - Use snakeoil certificates:
+       + d/control: add ssl-cert to dependencies
+       + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
+         to the default config file
+     - d/rules, d/NEWS: drop the NIS basic auth helper (LP: #1895694)
+     - d/p/0008-Fix-free-nonheap-object-warning-error-on-snmp_core.c.patch:
+       Fix call to free on nonheap-object in snmpCreateOidFromStr
  
-  -- Marc Deslauriers <marc.deslauri...@ubuntu.com>  Fri, 04 Jun 2021
+  -- Marc Deslauriers <marc.deslauri...@ubuntu.com>  Fri, 04 Jun 2021
  12:49:43 -0400

** Changed in: squid (Ubuntu)
    Milestone: None => ubuntu-22.01

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1946903

Title:
  Merge squid from Debian unstable for 22.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid/+bug/1946903/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs