Your message dated Sat, 09 Oct 2021 16:35:32 +0000
with message-id <[email protected]>
and subject line Bug#986804: fixed in squid 5.2-1
has caused the Debian Bug report #986804,
regarding CVE-2021-28116
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
986804: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986804
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: squid
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <[email protected]>
There's currently no further details other than
https://www.zerodayinitiative.com/advisories/ZDI-21-157/
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: squid
Source-Version: 5.2-1
Done: Luigi Gangitano <[email protected]>
We believe that the bug you reported is fixed in the latest version of
squid, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Luigi Gangitano <[email protected]> (supplier of updated squid package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 9 Oct 2021 17:03:54 +0200
Source: squid
Architecture: source
Version: 5.2-1
Distribution: unstable
Urgency: medium
Maintainer: Luigi Gangitano <[email protected]>
Changed-By: Luigi Gangitano <[email protected]>
Closes: 976131 986804
Changes:
squid (5.2-1) unstable; urgency=medium
.
[ Amos Jeffries <[email protected]> ]
* New Upstream Release (Closes: #986804, #976131)
Fixes: CVE-2021-28116. Out-Of-Bounds memory access in WCCPv2
Fixes: CVE-2021-41611. Improper Certificate Validation of TLS server
certificates
.
[ L.P.H. van Belle <[email protected]> ]
* debian/rules
- polish override_dh_installsystemd action to match other sequences
.
* debian/NEWS
- bump version number to make Lintian happy
Checksums-Sha1:
fa52ac232a907dad3a4b23506bd2fb60e6ab895b 2943 squid_5.2-1.dsc
0568a55c8bf20fbcbfadf126347f3e790945e5d2 2553872 squid_5.2.orig.tar.xz
f3b404ae83fe38734a7324c72d00314316c1c4a3 1193 squid_5.2.orig.tar.xz.asc
be2399368054231bd0a4864f1410f6be709c1466 42868 squid_5.2-1.debian.tar.xz
5aa3b0d7a72eec5c25b274682af726ac3989fc61 9524 squid_5.2-1_amd64.buildinfo
Checksums-Sha256:
3895c7f0ec117a7535692a2a1df24195d1cf23e62df09097f73d1cce5f42908c 2943
squid_5.2-1.dsc
ea921f055c6cc4b3c6542d995f5a7c5980f2f91adaaa10fe8260d0f1527aaf80 2553872
squid_5.2.orig.tar.xz
9d0c80b579061007349dbd622f6be9b625503c648820a3dafaab8a3377cebdfe 1193
squid_5.2.orig.tar.xz.asc
1f8a59681e57aeb8c64ac22bbcf7c941984cb2c3f4d3bb2a920a83b57b239bfc 42868
squid_5.2-1.debian.tar.xz
586e0bb1250d4c147e0539653ee71374ea3496136a1c6364f47d484a8b43ff94 9524
squid_5.2-1_amd64.buildinfo
Files:
a317a140dae09aff8f4cea98fb07d65f 2943 web optional squid_5.2-1.dsc
102984f3ea382a1fa5bd917c2ee155ec 2553872 web optional squid_5.2.orig.tar.xz
5e19488a0e4c471ded0cef0650e1900e 1193 web optional squid_5.2.orig.tar.xz.asc
95387d7839c8abd7417e74cc95587f09 42868 web optional squid_5.2-1.debian.tar.xz
b4c71e36ebe63fab1bfcd48ced4a8b15 9524 web optional squid_5.2-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEjUhaNf8ebreQ5Q9tAoTyDCupfO0FAmFhviUACgkQAoTyDCup
fO1/5w/+JmJldIj44uylpjAk4knhLQVBUiZKbqi7yl0iLf5GN3r2sm3kF2xuBemw
japNIGmsezK2e4NAL2l2DPEQkRC0cprd0prcJ4bz10ajnjdD6PqT/Y40T742QyUa
BnZMdUDeOCD/7xOC14xWQxdZOVGzvusYkwFxOVKRzPGTicSjZCsn+ZLZL5O3dLAs
HWPAd+oyTnUDSPOKmxzkaYIDlktvDcpT4S3D1eqAzo3Pi9ajrEi5KPI9tCtbjsx2
iLTZcR4TyMiEwzTuchnfwyitSxx0TPnx2poaJGZDZKnBAyU0NbomuzUKAqlLNsr3
7AsZvfvval9YUCsU0wJI+Z8foA3AV4102+io8YCBDCfckPm2nfN+t6HpIR8hAice
ATukxqwMW1j5QC7/K63bbzszLhxcTQ5wArIsqOFjVA/JywLc9FZj+8AH1jP+Jq8/
/j9I4/DJe1zb+q8MR5a/hryJuw/77oTtopr/q6Cw2lD50Atuba3unZy69gI22Qac
UWxAbGHnJbLxv31SvjjYBvhiicWmq1qv5InWq9P6u36BhSruSLOA11GXcPMzMTkB
faSxe4ibqTR3jQ2QAM7LAwchbJXtYfUrpN121F0DgXEBEyM0cUyMNmsac8HeTPLo
U/FGerB4O6YkFR1t/oBTDQmU/fC3txVOm0ZkxcUD9IurH1liRIo=
=k/Bp
-----END PGP SIGNATURE-----
--- End Message ---
