Public bug reported: Scheduled-For: Backlog Upstream: tbd Debian: 6.10-1 Ubuntu: 6.10-1ubuntu1
There is nothing yet to merge for squid currently, but this ticket is filed prospectfully for tracking purposes in case a merge does become available later this cycle. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Jammy Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### squid (6.10-1) unstable; urgency=high [ Amos Jeffries <[email protected]> ] * New Upstream Release 6.10 Fixes: CVE-2024-37894. SQUID-2024:3 (Closes: #1074284) -- Luigi Gangitano <[email protected]> Mon, 1 Jul 2024 12:04:20 +0200 squid (6.9-1) unstable; urgency=medium [ Amos Jeffries <[email protected]> ] * New Upstream Release 6.9 -- Luigi Gangitano <[email protected]> Tue, 9 Apr 2024 15:04:20 +0200 squid (6.8-1) unstable; urgency=high [ Amos Jeffries <[email protected]> ] * New Upstream Release 6.8 Fixes: CVE-2024-25111. SQUID-2024:1 [ Luigi Gangitano <[email protected]> ] * debian/control - Migrate from pkg-config to pkgconf -- Luigi Gangitano <[email protected]> Mon, 4 Mar 2024 18:04:20 +0100 squid (6.6-1) unstable; urgency=high [ Amos Jeffries <[email protected]> ] * New Upstream Release 6.6 Fixes: CVE-2023-50269. SQUID-2023:10 (Closes: #1058721) Fixes: CVE-2024-23638. SQUID-2023:11 [ Luigi Gangitano <[email protected]> ] * debian/patches/ - Refreshed patches * debian/squid-openssl.dirs - Stop creating empty /lib/systemd/system directory (Closes: #1058860) * debian/changelog - Fixed typo in CVE reference -- Luigi Gangitano <[email protected]> Thu, 18 Jan 2024 13:04:20 +0100 squid (6.5-1) unstable; urgency=high [ Amos Jeffries <[email protected]> ] * New Upstream Release 6.5 Fixes: CVE-2023-46846. SQUID-2023:1 (Closes: #1054537) Fixes: CVE-2023-5824. SQUID-2023:2 (Closes: #1055249) Fixes: CVE-2023-46847. SQUID-2023:3 (Closes: #1055250) Fixes: CVE-2023-46724. SQUID-2023:4 (Closes: #1055252) Fixes: CVE-2023-46848. SQUID-2023:5 (Closes: #1055251) Fixes: CVE-2019-18860. SQUID-2023:6 Fixes: CVE-2023-49285. SQUID-2023:7 Fixes: CVE-2023-49286. SQUID-2023:8 Fixes: CVE-2024-25617. SQUID-2024:2 * Update debian/tests/upstream-test-suite for new version (Closes: #1053557) -- Luigi Gangitano <[email protected]> Thu, 9 Nov 2023 15:04:20 +0100 squid (6.3-1) unstable; urgency=medium [ Amos Jeffries <[email protected]> ] * New Upstream version 6.3 (Closes: #1049926, #1043505) * debian/patches/ - remove 0007-ftbfs-gnu-hurd.patch integrated upstream -- Luigi Gangitano <[email protected]> Thu, 28 Sep 2023 16:04:20 +0200 squid (6.1-2) unstable; urgency=low [ Amos Jeffries <[email protected]> ] * debian/patches/ - add 0007-ftbfs-gnu-hurd.patch to fix GNU/Hurd build -- Luigi Gangitano <[email protected]> Thu, 13 Jul 2023 13:04:20 +0200 squid (6.1-1) unstable; urgency=medium [ Amos Jeffries <[email protected]> ] * debian/{control,watch} - New Upstream Release * debian/patches/ - refresh for new upstream version - add 0006-upstream-807ae4df2164defbb5f59b99282e24010b4a0b85.patch - remove 0003-installed-binary-for-debian-ci.patch integrated upstream - remove 1f13f721263a4cc75e4b798a230022561047899c.patch integrated upstream - remove edad3f150de8af0aeb2f629508be3219b83369b9.patch integrated upstream [ Luigi Gangitano <[email protected]> ] * debian/patches/ - add Fordwarded tag * debian/control ### Old Ubuntu Delta ### squid (6.10-1ubuntu1) oracular; urgency=medium * Merge with Debian unstable (LP: #2073322). Remaining changes: - d/usr.sbin.squid: Add sections for squid-deb-proxy and squidguard - d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb packaging - Use snakeoil certificates: + d/control: add ssl-cert to dependencies + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl to the default config file - d/NEWS: drop the NIS basic auth helper (LP #1895694) - d/p/0009-Fix-Werror-alloc-size-larger-than-on-GCC-12.patch: Fix FTBFS due to -Werror=alloc-size-larger-than on GCC 12. - d/rules: halt build upon test failures. - d/rules: do not include additional configuration files during build time tests. This would lead to test failures due to missing paths. - d/t/upstream-test-suite: use installed squid binary for autopkgtest config file checks. - d/p/0010-Fix-Werror-sign-compare-on-GCC-13.patch: fix comparison between signed and unsigned values. - d/rules: disable LTO related compilation errors for ppc64el builds. - d/source_squid.py, d/rules: Add apport hook (LP #676141) * Dropped changes: - d/t/upstream-test-suite: adjust autopkgtests following dpkg changes enabling ELF metadata. (LP #2071468) [ LP bug fixed in dpkg,binutils ] - SECURITY UPDATE: DoS in ESI processing using multi-byte characters + debian/patches/CVE-2024-37894.patch: fix variable datatype to handle variables names outside standard ASCII characters + CVE-2024-37894 [ Fixed in 6.10 ] -- Renan Rodrigo <[email protected]> Thu, 12 Sep 2024 16:23:16 -0300 ** Affects: squid (Ubuntu) Importance: Undecided Status: Incomplete ** Tags: needs-merge upgrade-software-version ** Changed in: squid (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Server/Client Support Team, which is subscribed to squid in Ubuntu. Matching subscriptions: Ubuntu Server/Client Support Team https://bugs.launchpad.net/bugs/2085293 Title: Merge squid from Debian unstable for jammy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2085293/+subscriptions -- Mailing list: https://launchpad.net/~enterprise-support Post to : [email protected] Unsubscribe : https://launchpad.net/~enterprise-support More help : https://help.launchpad.net/ListHelp
