it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5982-1] squid security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5982-1] squid security update
Date: Thu, 21 Aug 2025 17:52:19 +0000
Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/aKdc05A1pybHK4UP AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=5W5MALWvpcWmmXLHWcurglzfqdR/rAP+q8NLPj+Qjhg=; b=pl DAnt5TDILxJOyn25ZzgGwYDNJ7rm9sxlN/MZ90kUfI6uQpfZv+UFntkPqP0B1emsAnoTlq7DLr+pC zpQEitQ6HVzlmOzSb95WRdhGCfxsp1kX1z2u9UrPcxaKGtELQqmF38mrP9deL/UGNKVo7Zh6d728G ZEA7tTorhnhQ5RFUv7VstdpyAxV7STsNQfFTyNbMPTLJMHgnQVViwzXd8sQHdgybhMzQ29bR36DWI 5QTJl4Vfya3Ere9DBKH8hjRr550Bl6IMgQOKxEY+ySm4xP+PWJ5kNFO7gvPparJq1xqXyRluNhefj KJ1a5+MtOaLjxW0XU0/lVVj9lnyErXSw==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Thu, 21 Aug 2025 17:52:45 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <pihsb3Fr5bH.A.hozP.tz1poB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5982-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 21, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : squid
CVE ID : CVE-2023-5824 CVE-2025-54574

Two security issues were discovered in the Squid proxy caching server,
which could result in the execution of arbitrary code, information
disclosure or denial of service.

For the oldstable distribution (bookworm), these problems have been fixed
in version 5.7-2+deb12u3.

We recommend that you upgrade your squid packages.

For the detailed security status of squid please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/squid

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAminXJ0ACgkQEMKTtsN8
TjbbWxAAmv7z+jnLmYYT6f6iIsbEHLX6yNpEwyUWaOboDUc6Wt19Oh5j+kIIPQP0
V68aO+Q8582nV8//7GZAqGbomdE5LPTI73DPq6uRtvoGWlXmpn1ovfANFzmFnNwG
U6EsTvMUT9fjKSwBr4i3t+h5VaA5Lh/9nkUCUSKjEBHoRd/cQpdyAqnxzMUI8Fvd
UDY76M+MBM36aqjgKs1SiUbSOVjN2qkYz3InRdPlXvGBDSvp5inw54nNiH8FlQ1i
z2KsBqdv0xUY1J+E1WHczBBhV+g59vi4pLUC197288+3rQ22BxCf6FfxOveDji+O
2wheqndkI8DyACsb83iYMN1BPRzHDl9AXrzo6ocjAbHmNEHZfWFlUPDEU8qHOqZU
JSRH05RgtcuJTdppW3grfbUzXnSCPxm2ClcrMScHEYpTHgURhfv6wUqXQtoQv8PZ
VYksqYGHNFsAIK48PcI2sEZMNt6KCBtbBuO6kqhUPvI7TOW18GDUtkrXK23R7fiM
XBAi5atF1NXDgdhTqUm280BYGoLizi9B0N3zCJIVrN+wAP/Ak7ayyjj23L8a2/Ql
kGoeG7nCb/vvPzdarZtVWGCR5eoIA4oS0lWlHE26yOH0tu48kOm5ksaVIzxQNPaN
PfxXcpu/+rlGuBMv8BgbRor9PpNYLQvzoBnzyIsfcYON8T31Sr0=
=Lg1+
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5982-1] squid security update, Moritz Muehlenhoff, 21.08.2025

Archiv bereitgestellt durch MHonArc 2.6.19+.