Univention Bugzilla – Bug 57009
squid: Multiple issues (5.0)
Last modified: 2024-01-31 15:39:46 CET
New Debian squid 4.6-1+deb10u10A~5.0.6.202401290803 fixes: This update addresses the following issue: 4.6-1+deb10u10 (Mon, 22 Jan 2024 17:24:08 +0100) * Non-maintainer upload by the LTS team. * CVE-2023-46846: It was discovered that the fix for CVE-2023-46846 was incomplete. In some cases Squid, a full featured web proxy cache, returned empty responses for URLs when Transfer-Encoding: chunked was in use.
--- mirror/ftp/pool/main/s/squid/squid_4.6-1+deb10u9A~5.0.6.202401091025.dsc +++ apt/ucs_5.0-0-errata5.0-6/source/squid_4.6-1+deb10u10A~5.0.6.202401290803.dsc @@ -1,8 +1,16 @@ -4.6-1+deb10u9A~5.0.6.202401091025 [Tue, 09 Jan 2024 10:25:57 +0100] Univention builddaemon <buildd@univention.de>: +4.6-1+deb10u10A~5.0.6.202401290803 [Mon, 29 Jan 2024 08:03:55 +0100] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 001-enable-ssl.patch 005-squid-4-14311.quilt + +4.6-1+deb10u10 [Mon, 22 Jan 2024 17:24:08 +0100] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2023-46846: + It was discovered that the fix for CVE-2023-46846 was incomplete. In some + cases Squid, a full featured web proxy cache, returned empty responses for + URLs when Transfer-Encoding: chunked was in use. (Closes: #1060857) 4.6-1+deb10u9 [Mon, 08 Jan 2024 23:02:12 +0100] Markus Koschany <apo@debian.org>: <http://piuparts.knut.univention.de/5.0-6/#2079253450542412009>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-6] a15473c936 Bug #57009: squid 4.6-1+deb10u10A~5.0.6.202401290803 doc/errata/staging/squid.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) [5.0-6] 4340a2e340 Bug #57009: squid 4.6-1+deb10u10A~5.0.6.202401290803 doc/errata/staging/squid.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x933>