Debian Patches
Status for squid/6.13-2+deb13u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Default-configuration-file-for-debian.patch | Default configuration file for debian | Amos Jeffries <amosjeffries@squid-cache.org> | not-needed | 2023-06-19 | ||
| 0002-Change-default-file-locations-for-debian.patch | Change default file locations for debian | Luigi Gangitano <luigi@debian.org> | not-needed | 2023-06-19 | ||
| 0005-Use-RuntimeDirectory-to-create-run-squid.patch | Use RuntimeDirectory to create /run/squid Instead of installing the /run/squid directory, which goes against Debian Policy, we instruct systemd to automatically create it for us when the service is started. |
Sergio Durigan Junior <sergiodj@debian.org> | no | 2020-05-11 | ||
| 0006-upstream-807ae4df2164defbb5f59b99282e24010b4a0b85.patch | Check mishandles cases where the listening port hostname does not match the request-target hostname.=================================================================== | Amos Jeffries <amosjeffries@squid-cache.org> | not-needed | 2023-07-08 | ||
| CVE-2025-62168.patch | [PATCH] Bug 3390: Proxy auth data visible to scripts (#2249) Original changes to redact credentials from error page %R code expansion output was incomplete. It missed the parse failure case where ErrorState::request_hdrs raw buffer contained sensitive information. Also missed was the %W case where full request message headers were generated in a mailto link. This case is especially problematic as it may be delivered over insecure SMTP even if the error was secured with HTTPS. After this change: * The HttpRequest message packing code for error pages is de-duplicated and elides authentication headers for both %R and %W code outputs. * The %R code output includes the CRLF request message terminator. * The email_err_data directive causing advanced details to be added to %W mailto links is disabled by default. Also redact credentials from generated TRACE responses. |
Amos Jeffries <yadij@users.noreply.github.com> | no | 2025-10-11 | ||
| CVE-2025-59362.patch | Fix ASN.1 encoding of long SNMP OIDs (#2149) | Alex Rousskov <rousskov@measurement-factory.com> | yes | upstream | https://github.com/squid-cache/squid/commit/0d89165ee6da10e6fa50c44998b3cd16d59400e9 | 2025-08-30 |
All known versions for source package 'squid'
- 7.2-2 (forky, sid)
- 6.13-2+deb13u1 (trixie-security, trixie)
- 5.7-2+deb12u5 (bookworm-proposed-updates)
- 5.7-2+deb12u4 (bookworm-security)
- 5.7-2+deb12u3 (bookworm)