View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/squid3
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
importer/ubuntu/dsc 2018-10-31 21:33:17 UTC 2018-10-31
DSC file for 3.5.12-1ubuntu7.6

Author: Ubuntu Git Importer
Author Date: 2018-10-31 21:33:17 UTC

DSC file for 3.5.12-1ubuntu7.6

applied/ubuntu/xenial-proposed 2018-10-31 17:28:12 UTC 2018-10-31
Import patches-applied version 3.5.12-1ubuntu7.6 to applied/ubuntu/xenial-pro...

Author: Andreas Hasenack
Author Date: 2018-10-31 12:22:14 UTC

Import patches-applied version 3.5.12-1ubuntu7.6 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 2e47ecb296b150448e041594dd7ac3a5bf2168c8
Unapplied parent: 930e9c867781bd9dde55629f650d7ec8c0bbdeb1

New changelog entries:
  * d/squid.rc: fix regexp for catching FATAL errors (LP: #1738412)
  * d/t/test-squid.py: in xenial, initscript, apparmor profile, pidfile and
    process are named squid, not squid3. Get rid of the multiple distro
    logic since these tests will be only run on xenial.
  * d/t/control: drop uneeded dependency on python-unit.
  * d/t/squid: use a shorter shutdown timeout for the tests, so they
    run faster

applied/ubuntu/xenial-updates 2018-10-31 17:28:12 UTC 2018-10-31
Import patches-applied version 3.5.12-1ubuntu7.6 to applied/ubuntu/xenial-pro...

Author: Andreas Hasenack
Author Date: 2018-10-31 12:22:14 UTC

Import patches-applied version 3.5.12-1ubuntu7.6 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 2e47ecb296b150448e041594dd7ac3a5bf2168c8
Unapplied parent: 930e9c867781bd9dde55629f650d7ec8c0bbdeb1

New changelog entries:
  * d/squid.rc: fix regexp for catching FATAL errors (LP: #1738412)
  * d/t/test-squid.py: in xenial, initscript, apparmor profile, pidfile and
    process are named squid, not squid3. Get rid of the multiple distro
    logic since these tests will be only run on xenial.
  * d/t/control: drop uneeded dependency on python-unit.
  * d/t/squid: use a shorter shutdown timeout for the tests, so they
    run faster

applied/ubuntu/xenial-devel 2018-10-31 17:28:12 UTC 2018-10-31
Import patches-applied version 3.5.12-1ubuntu7.6 to applied/ubuntu/xenial-pro...

Author: Andreas Hasenack
Author Date: 2018-10-31 12:22:14 UTC

Import patches-applied version 3.5.12-1ubuntu7.6 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 2e47ecb296b150448e041594dd7ac3a5bf2168c8
Unapplied parent: 930e9c867781bd9dde55629f650d7ec8c0bbdeb1

New changelog entries:
  * d/squid.rc: fix regexp for catching FATAL errors (LP: #1738412)
  * d/t/test-squid.py: in xenial, initscript, apparmor profile, pidfile and
    process are named squid, not squid3. Get rid of the multiple distro
    logic since these tests will be only run on xenial.
  * d/t/control: drop uneeded dependency on python-unit.
  * d/t/squid: use a shorter shutdown timeout for the tests, so they
    run faster

ubuntu/xenial-updates 2018-10-31 17:28:12 UTC 2018-10-31
Import patches-unapplied version 3.5.12-1ubuntu7.6 to ubuntu/xenial-proposed

Author: Andreas Hasenack
Author Date: 2018-10-31 12:22:14 UTC

Import patches-unapplied version 3.5.12-1ubuntu7.6 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Upload parent: 952103bbf339cabc5fbe17214eb6909d2f23652e

ubuntu/xenial-devel 2018-10-31 17:28:12 UTC 2018-10-31
Import patches-unapplied version 3.5.12-1ubuntu7.6 to ubuntu/xenial-proposed

Author: Andreas Hasenack
Author Date: 2018-10-31 12:22:14 UTC

Import patches-unapplied version 3.5.12-1ubuntu7.6 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Upload parent: 952103bbf339cabc5fbe17214eb6909d2f23652e

ubuntu/xenial-proposed 2018-10-31 17:28:12 UTC 2018-10-31
Import patches-unapplied version 3.5.12-1ubuntu7.6 to ubuntu/xenial-proposed

Author: Andreas Hasenack
Author Date: 2018-10-31 12:22:14 UTC

Import patches-unapplied version 3.5.12-1ubuntu7.6 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Upload parent: 952103bbf339cabc5fbe17214eb6909d2f23652e

ubuntu/bionic-devel 2018-10-02 22:23:20 UTC 2018-10-02
Import patches-unapplied version 3.5.27-1ubuntu1.1 to ubuntu/bionic-proposed

Author:  Christian Ehrhardt 
Author Date: 2018-09-28 07:09:50 UTC

Import patches-unapplied version 3.5.27-1ubuntu1.1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Upload parent: 3523747c73a128e18d6c5ad2401a4f5666259649

applied/ubuntu/bionic-proposed 2018-10-02 22:23:20 UTC 2018-10-02
Import patches-applied version 3.5.27-1ubuntu1.1 to applied/ubuntu/bionic-pro...

Author:  Christian Ehrhardt 
Author Date: 2018-09-28 07:09:50 UTC

Import patches-applied version 3.5.27-1ubuntu1.1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 7325fa93871e7c1d9a0742c1be3b4f2a518344d1
Unapplied parent: 1fa91a776ef59e6fecf205fa50f09f8bccf81484

New changelog entries:
  [ Simon Deziel ]
  * d/usr.sbin.squid: Update apparmor profile to grant read access to squid
    binary (LP: #1792728)

ubuntu/bionic-updates 2018-10-02 22:23:20 UTC 2018-10-02
Import patches-unapplied version 3.5.27-1ubuntu1.1 to ubuntu/bionic-proposed

Author:  Christian Ehrhardt 
Author Date: 2018-09-28 07:09:50 UTC

Import patches-unapplied version 3.5.27-1ubuntu1.1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Upload parent: 3523747c73a128e18d6c5ad2401a4f5666259649

applied/ubuntu/bionic-devel 2018-10-02 22:23:20 UTC 2018-10-02
Import patches-applied version 3.5.27-1ubuntu1.1 to applied/ubuntu/bionic-pro...

Author:  Christian Ehrhardt 
Author Date: 2018-09-28 07:09:50 UTC

Import patches-applied version 3.5.27-1ubuntu1.1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 7325fa93871e7c1d9a0742c1be3b4f2a518344d1
Unapplied parent: 1fa91a776ef59e6fecf205fa50f09f8bccf81484

New changelog entries:
  [ Simon Deziel ]
  * d/usr.sbin.squid: Update apparmor profile to grant read access to squid
    binary (LP: #1792728)

ubuntu/bionic-proposed 2018-10-02 22:23:20 UTC 2018-10-02
Import patches-unapplied version 3.5.27-1ubuntu1.1 to ubuntu/bionic-proposed

Author:  Christian Ehrhardt 
Author Date: 2018-09-28 07:09:50 UTC

Import patches-unapplied version 3.5.27-1ubuntu1.1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Upload parent: 3523747c73a128e18d6c5ad2401a4f5666259649

applied/ubuntu/bionic-updates 2018-10-02 22:23:20 UTC 2018-10-02
Import patches-applied version 3.5.27-1ubuntu1.1 to applied/ubuntu/bionic-pro...

Author:  Christian Ehrhardt 
Author Date: 2018-09-28 07:09:50 UTC

Import patches-applied version 3.5.27-1ubuntu1.1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 7325fa93871e7c1d9a0742c1be3b4f2a518344d1
Unapplied parent: 1fa91a776ef59e6fecf205fa50f09f8bccf81484

New changelog entries:
  [ Simon Deziel ]
  * d/usr.sbin.squid: Update apparmor profile to grant read access to squid
    binary (LP: #1792728)

applied/ubuntu/cosmic-devel 2018-09-17 08:58:19 UTC 2018-09-17
Import patches-applied version 3.5.27-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Simon Déziel
Author Date: 2018-09-15 17:55:32 UTC

Import patches-applied version 3.5.27-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 7325fa93871e7c1d9a0742c1be3b4f2a518344d1
Unapplied parent: 090b9a0f5330d1d17352f3a338b8536374cca87a

New changelog entries:
  * Update apparmor profile to grant read access to squid binary (LP: #1792728)

applied/ubuntu/devel 2018-09-17 08:58:19 UTC 2018-09-17
Import patches-applied version 3.5.27-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Simon Déziel
Author Date: 2018-09-15 17:55:32 UTC

Import patches-applied version 3.5.27-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 7325fa93871e7c1d9a0742c1be3b4f2a518344d1
Unapplied parent: 090b9a0f5330d1d17352f3a338b8536374cca87a

New changelog entries:
  * Update apparmor profile to grant read access to squid binary (LP: #1792728)

ubuntu/cosmic-devel 2018-09-17 08:58:19 UTC 2018-09-17
Import patches-unapplied version 3.5.27-1ubuntu2 to ubuntu/cosmic-proposed

Author: Simon Déziel
Author Date: 2018-09-15 17:55:32 UTC

Import patches-unapplied version 3.5.27-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Upload parent: 756e69acadca67009fc69a84db816a2baddfa84d

ubuntu/devel 2018-09-17 08:58:19 UTC 2018-09-17
Import patches-unapplied version 3.5.27-1ubuntu2 to ubuntu/cosmic-proposed

Author: Simon Déziel
Author Date: 2018-09-15 17:55:32 UTC

Import patches-unapplied version 3.5.27-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Upload parent: 756e69acadca67009fc69a84db816a2baddfa84d

applied/ubuntu/cosmic-proposed 2018-09-17 08:58:19 UTC 2018-09-17
Import patches-applied version 3.5.27-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Simon Déziel
Author Date: 2018-09-15 17:55:32 UTC

Import patches-applied version 3.5.27-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 7325fa93871e7c1d9a0742c1be3b4f2a518344d1
Unapplied parent: 090b9a0f5330d1d17352f3a338b8536374cca87a

New changelog entries:
  * Update apparmor profile to grant read access to squid binary (LP: #1792728)

ubuntu/cosmic-proposed 2018-09-17 08:58:19 UTC 2018-09-17
Import patches-unapplied version 3.5.27-1ubuntu2 to ubuntu/cosmic-proposed

Author: Simon Déziel
Author Date: 2018-09-15 17:55:32 UTC

Import patches-unapplied version 3.5.27-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Upload parent: 756e69acadca67009fc69a84db816a2baddfa84d

importer/debian/dsc 2018-07-05 14:45:53 UTC 2018-07-05
DSC file for 3.4.8-6+deb8u5

Author: Ubuntu Git Importer
Author Date: 2018-07-05 14:45:53 UTC

DSC file for 3.4.8-6+deb8u5

applied/debian/jessie 2018-06-23 17:28:50 UTC 2018-06-23
Import patches-applied version 3.4.8-6+deb8u5 to applied/debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2018-02-18 16:20:03 UTC

Import patches-applied version 3.4.8-6+deb8u5 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: 87db1740cb5727026e5b7fafc2c770b1ca697dcc
Unapplied parent: 948a851e02edfa07248dd4f96d93e0b81ed7d6b4

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * ESI: make sure endofName never exceeds tagEnd (CVE-2018-1000024)
    (Closes: #888719)
  * Fix indirect IP logging for transactions without a client connection
    (CVE-2018-1000027) (Closes: #888720)

debian/jessie 2018-06-23 17:28:50 UTC 2018-06-23
Import patches-unapplied version 3.4.8-6+deb8u5 to debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2018-02-18 16:20:03 UTC

Import patches-unapplied version 3.4.8-6+deb8u5 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 3d69d84c22c9172da3d2f13455656bd8877824d1

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * ESI: make sure endofName never exceeds tagEnd (CVE-2018-1000024)
    (Closes: #888719)
  * Fix indirect IP logging for transactions without a client connection
    (CVE-2018-1000027) (Closes: #888720)

debian/stretch 2018-03-10 17:05:57 UTC 2018-03-10
Import patches-unapplied version 3.5.23-5+deb9u1 to debian/stretch

Author: Salvatore Bonaccorso
Author Date: 2018-02-11 21:00:18 UTC

Import patches-unapplied version 3.5.23-5+deb9u1 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: f85827a8ca2fa987bd9ded15a048d43c33f22fcc

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * ESI: make sure endofName never exceeds tagEnd (CVE-2018-1000024)
    (Closes: #888719)
  * Fix indirect IP logging for transactions without a client connection
    (CVE-2018-1000027) (Closes: #888720)

applied/debian/stretch 2018-03-10 17:05:57 UTC 2018-03-10
Import patches-applied version 3.5.23-5+deb9u1 to applied/debian/stretch

Author: Salvatore Bonaccorso
Author Date: 2018-02-11 21:00:18 UTC

Import patches-applied version 3.5.23-5+deb9u1 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: 423bd465ad53619adad08e1adcf93f8a959140a9
Unapplied parent: 16a4f66599fd092eddb6175633110eb751259c4c

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * ESI: make sure endofName never exceeds tagEnd (CVE-2018-1000024)
    (Closes: #888719)
  * Fix indirect IP logging for transactions without a client connection
    (CVE-2018-1000027) (Closes: #888720)

importer/ubuntu/pristine-tar 2018-03-10 00:42:30 UTC 2018-03-10
pristine-tar data for squid3_3.5.27.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-10 00:42:30 UTC

pristine-tar data for squid3_3.5.27.orig.tar.gz

importer/debian/pristine-tar 2018-03-09 23:51:23 UTC 2018-03-09
pristine-tar data for squid3_3.5.27.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-09 23:51:23 UTC

pristine-tar data for squid3_3.5.27.orig.tar.gz

applied/ubuntu/bionic 2018-02-27 15:19:10 UTC 2018-02-27
Import patches-applied version 3.5.27-1ubuntu1 to applied/ubuntu/bionic-proposed

Author: Andreas Hasenack
Author Date: 2018-02-27 11:09:21 UTC

Import patches-applied version 3.5.27-1ubuntu1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 70d67aba98b643b3654f0d4433e01272b1a47262
Unapplied parent: 41e4e001120f76becf3444b59c5fd271019159b2

New changelog entries:
  * Merge with Debian unstable (LP: #1751286). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
    - Correct attribution and add explanatory note in d/NEWS.debian.
    - Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
      happened in Xenial, so no upgrade path still requires this code. This
      reduces upgrade ordering difficulty.
    - Adjust seddery for upstream test squid binary location.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - GCC7 FTBFS fixes (LP #1712668):
      + d/rules: don't error when hitting the "deprecated" and
       "format-truncation" gcc7 warnings. Upstream 3.5.27 has fixes for these,
       but one in Format.cc that affects 32bit builds was deemed too intrusive
       for the 3.5 stable series and is only in squid 4.x
  * Dropped changes:
    - debian/patches/gcc7-squidpurge-4695.patch: GCC 7 build errors.
      Thanks to Lubos Uhliarik <luhliari@redhat.com>.
      [Already applied upstream]
    - debian/patches/gcc7-assert-wants-boolean.patch: assert() takes a
      boolean. Thanks to Amos Jeffries <squid3@treenet.co.nz>
      [Already applied upstream]
    - SECURITY UPDATE: denial of service in ESI Response processing
      + debian/patches/CVE-2018-1000024.patch: make sure endofName never
        exceeds tagEnd in src/esi/CustomParser.cc.
      + CVE-2018-1000024
        [Added in 3.5.27-1]
    - SECURITY UPDATE: denial of service in in HTTP Message processing
      + debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
        transactions without a client connection in
        src/client_side_request.cc.
      + CVE-2018-1000027
        [Included in 3.5.27-1]
  * Added changes:
    - Do not force gcc-6

ubuntu/bionic 2018-02-27 15:19:10 UTC 2018-02-27
Import patches-unapplied version 3.5.27-1ubuntu1 to ubuntu/bionic-proposed

Author: Andreas Hasenack
Author Date: 2018-02-27 11:09:21 UTC

Import patches-unapplied version 3.5.27-1ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 9660b56a2b6dafa47ee96889d714b56e3fa2c4b0
Upload parent: d34e93acdd3c7d98a3c76e536d15ee625266f6c5

New changelog entries:
  * Merge with Debian unstable (LP: #1751286). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
    - Correct attribution and add explanatory note in d/NEWS.debian.
    - Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
      happened in Xenial, so no upgrade path still requires this code. This
      reduces upgrade ordering difficulty.
    - Adjust seddery for upstream test squid binary location.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - GCC7 FTBFS fixes (LP #1712668):
      + d/rules: don't error when hitting the "deprecated" and
       "format-truncation" gcc7 warnings. Upstream 3.5.27 has fixes for these,
       but one in Format.cc that affects 32bit builds was deemed too intrusive
       for the 3.5 stable series and is only in squid 4.x
  * Dropped changes:
    - debian/patches/gcc7-squidpurge-4695.patch: GCC 7 build errors.
      Thanks to Lubos Uhliarik <luhliari@redhat.com>.
      [Already applied upstream]
    - debian/patches/gcc7-assert-wants-boolean.patch: assert() takes a
      boolean. Thanks to Amos Jeffries <squid3@treenet.co.nz>
      [Already applied upstream]
    - SECURITY UPDATE: denial of service in ESI Response processing
      + debian/patches/CVE-2018-1000024.patch: make sure endofName never
        exceeds tagEnd in src/esi/CustomParser.cc.
      + CVE-2018-1000024
        [Added in 3.5.27-1]
    - SECURITY UPDATE: denial of service in in HTTP Message processing
      + debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
        transactions without a client connection in
        src/client_side_request.cc.
      + CVE-2018-1000027
        [Included in 3.5.27-1]
  * Added changes:
    - Do not force gcc-6

applied/ubuntu/cosmic 2018-02-27 15:19:10 UTC 2018-02-27
Import patches-applied version 3.5.27-1ubuntu1 to applied/ubuntu/bionic-proposed

Author: Andreas Hasenack
Author Date: 2018-02-27 11:09:21 UTC

Import patches-applied version 3.5.27-1ubuntu1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 70d67aba98b643b3654f0d4433e01272b1a47262
Unapplied parent: 41e4e001120f76becf3444b59c5fd271019159b2

New changelog entries:
  * Merge with Debian unstable (LP: #1751286). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
    - Correct attribution and add explanatory note in d/NEWS.debian.
    - Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
      happened in Xenial, so no upgrade path still requires this code. This
      reduces upgrade ordering difficulty.
    - Adjust seddery for upstream test squid binary location.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - GCC7 FTBFS fixes (LP #1712668):
      + d/rules: don't error when hitting the "deprecated" and
       "format-truncation" gcc7 warnings. Upstream 3.5.27 has fixes for these,
       but one in Format.cc that affects 32bit builds was deemed too intrusive
       for the 3.5 stable series and is only in squid 4.x
  * Dropped changes:
    - debian/patches/gcc7-squidpurge-4695.patch: GCC 7 build errors.
      Thanks to Lubos Uhliarik <luhliari@redhat.com>.
      [Already applied upstream]
    - debian/patches/gcc7-assert-wants-boolean.patch: assert() takes a
      boolean. Thanks to Amos Jeffries <squid3@treenet.co.nz>
      [Already applied upstream]
    - SECURITY UPDATE: denial of service in ESI Response processing
      + debian/patches/CVE-2018-1000024.patch: make sure endofName never
        exceeds tagEnd in src/esi/CustomParser.cc.
      + CVE-2018-1000024
        [Added in 3.5.27-1]
    - SECURITY UPDATE: denial of service in in HTTP Message processing
      + debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
        transactions without a client connection in
        src/client_side_request.cc.
      + CVE-2018-1000027
        [Included in 3.5.27-1]
  * Added changes:
    - Do not force gcc-6

ubuntu/cosmic 2018-02-27 15:19:10 UTC 2018-02-27
Import patches-unapplied version 3.5.27-1ubuntu1 to ubuntu/bionic-proposed

Author: Andreas Hasenack
Author Date: 2018-02-27 11:09:21 UTC

Import patches-unapplied version 3.5.27-1ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 9660b56a2b6dafa47ee96889d714b56e3fa2c4b0
Upload parent: d34e93acdd3c7d98a3c76e536d15ee625266f6c5

New changelog entries:
  * Merge with Debian unstable (LP: #1751286). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
    - Correct attribution and add explanatory note in d/NEWS.debian.
    - Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
      happened in Xenial, so no upgrade path still requires this code. This
      reduces upgrade ordering difficulty.
    - Adjust seddery for upstream test squid binary location.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - GCC7 FTBFS fixes (LP #1712668):
      + d/rules: don't error when hitting the "deprecated" and
       "format-truncation" gcc7 warnings. Upstream 3.5.27 has fixes for these,
       but one in Format.cc that affects 32bit builds was deemed too intrusive
       for the 3.5 stable series and is only in squid 4.x
  * Dropped changes:
    - debian/patches/gcc7-squidpurge-4695.patch: GCC 7 build errors.
      Thanks to Lubos Uhliarik <luhliari@redhat.com>.
      [Already applied upstream]
    - debian/patches/gcc7-assert-wants-boolean.patch: assert() takes a
      boolean. Thanks to Amos Jeffries <squid3@treenet.co.nz>
      [Already applied upstream]
    - SECURITY UPDATE: denial of service in ESI Response processing
      + debian/patches/CVE-2018-1000024.patch: make sure endofName never
        exceeds tagEnd in src/esi/CustomParser.cc.
      + CVE-2018-1000024
        [Added in 3.5.27-1]
    - SECURITY UPDATE: denial of service in in HTTP Message processing
      + debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
        transactions without a client connection in
        src/client_side_request.cc.
      + CVE-2018-1000027
        [Included in 3.5.27-1]
  * Added changes:
    - Do not force gcc-6

debian/sid 2018-02-13 22:38:20 UTC 2018-02-13
Import patches-unapplied version 3.5.27-1 to debian/sid

Author: Luigi Gangitano
Author Date: 2018-02-13 14:31:24 UTC

Import patches-unapplied version 3.5.27-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f85827a8ca2fa987bd9ded15a048d43c33f22fcc

New changelog entries:
  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release
  * debian/{control,rules}
    - Add temporary dependency on gcc-6 and g++-6 to workaround FTBFS in
      unstable
  * debian/patches/
    - Fix security issue SQUID-2018:1 (CVE-2016-1000024) (Closes: #888719)
    - Fix security issue SQUID-2018:2 (CVE-2016-1000027) (Closes: #888720)
  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/control
    - Changed priority to optional for squid3 and squid-dbg
    - Removed unneeded Build-Dep on autotools-dev
  * debian/rules
    - Include dpkg-architecture Makefile instead of invoking the binary at
      build time
  * debian/squid.postinst
    - Remove recursive chown calls

applied/debian/buster 2018-02-13 22:38:20 UTC 2018-02-13
Import patches-applied version 3.5.27-1 to applied/debian/sid

Author: Luigi Gangitano
Author Date: 2018-02-13 14:31:24 UTC

Import patches-applied version 3.5.27-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 423bd465ad53619adad08e1adcf93f8a959140a9
Unapplied parent: b45c3c4d4424102a4767f1e23c80c432cc97eaf5

New changelog entries:
  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release
  * debian/{control,rules}
    - Add temporary dependency on gcc-6 and g++-6 to workaround FTBFS in
      unstable
  * debian/patches/
    - Fix security issue SQUID-2018:1 (CVE-2016-1000024) (Closes: #888719)
    - Fix security issue SQUID-2018:2 (CVE-2016-1000027) (Closes: #888720)
  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/control
    - Changed priority to optional for squid3 and squid-dbg
    - Removed unneeded Build-Dep on autotools-dev
  * debian/rules
    - Include dpkg-architecture Makefile instead of invoking the binary at
      build time
  * debian/squid.postinst
    - Remove recursive chown calls

applied/debian/sid 2018-02-13 22:38:20 UTC 2018-02-13
Import patches-applied version 3.5.27-1 to applied/debian/sid

Author: Luigi Gangitano
Author Date: 2018-02-13 14:31:24 UTC

Import patches-applied version 3.5.27-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 423bd465ad53619adad08e1adcf93f8a959140a9
Unapplied parent: b45c3c4d4424102a4767f1e23c80c432cc97eaf5

New changelog entries:
  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release
  * debian/{control,rules}
    - Add temporary dependency on gcc-6 and g++-6 to workaround FTBFS in
      unstable
  * debian/patches/
    - Fix security issue SQUID-2018:1 (CVE-2016-1000024) (Closes: #888719)
    - Fix security issue SQUID-2018:2 (CVE-2016-1000027) (Closes: #888720)
  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/control
    - Changed priority to optional for squid3 and squid-dbg
    - Removed unneeded Build-Dep on autotools-dev
  * debian/rules
    - Include dpkg-architecture Makefile instead of invoking the binary at
      build time
  * debian/squid.postinst
    - Remove recursive chown calls

debian/buster 2018-02-13 22:38:20 UTC 2018-02-13
Import patches-unapplied version 3.5.27-1 to debian/sid

Author: Luigi Gangitano
Author Date: 2018-02-13 14:31:24 UTC

Import patches-unapplied version 3.5.27-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f85827a8ca2fa987bd9ded15a048d43c33f22fcc

New changelog entries:
  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release
  * debian/{control,rules}
    - Add temporary dependency on gcc-6 and g++-6 to workaround FTBFS in
      unstable
  * debian/patches/
    - Fix security issue SQUID-2018:1 (CVE-2016-1000024) (Closes: #888719)
    - Fix security issue SQUID-2018:2 (CVE-2016-1000027) (Closes: #888720)
  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/control
    - Changed priority to optional for squid3 and squid-dbg
    - Removed unneeded Build-Dep on autotools-dev
  * debian/rules
    - Include dpkg-architecture Makefile instead of invoking the binary at
      build time
  * debian/squid.postinst
    - Remove recursive chown calls

ubuntu/trusty-updates 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-unapplied version 3.3.8-1ubuntu6.11 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2018-02-01 15:11:57 UTC

Import patches-unapplied version 3.3.8-1ubuntu6.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: a0bba1a9d59fded23ef4473c71899665a93ec8ec

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

ubuntu/trusty-security 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-unapplied version 3.3.8-1ubuntu6.11 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2018-02-01 15:11:57 UTC

Import patches-unapplied version 3.3.8-1ubuntu6.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: a0bba1a9d59fded23ef4473c71899665a93ec8ec

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

ubuntu/trusty-devel 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-unapplied version 3.3.8-1ubuntu6.11 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2018-02-01 15:11:57 UTC

Import patches-unapplied version 3.3.8-1ubuntu6.11 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: a0bba1a9d59fded23ef4473c71899665a93ec8ec

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

ubuntu/artful-security 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-unapplied version 3.5.23-5ubuntu1.1 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-02-01 15:08:51 UTC

Import patches-unapplied version 3.5.23-5ubuntu1.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 76880b2469d4d576c4fcf4be98a7d2454184e127

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

applied/ubuntu/artful-updates 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-applied version 3.5.23-5ubuntu1.1 to applied/ubuntu/artful-sec...

Author: Marc Deslauriers
Author Date: 2018-02-01 15:08:51 UTC

Import patches-applied version 3.5.23-5ubuntu1.1 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: c9f09a0b71ddb99145dec708c892657aedffbf8d
Unapplied parent: af8242cf1d6eb02c4ca7f1857edbeb4e5a4dddc8

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

applied/ubuntu/artful-devel 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-applied version 3.5.23-5ubuntu1.1 to applied/ubuntu/artful-sec...

Author: Marc Deslauriers
Author Date: 2018-02-01 15:08:51 UTC

Import patches-applied version 3.5.23-5ubuntu1.1 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: c9f09a0b71ddb99145dec708c892657aedffbf8d
Unapplied parent: af8242cf1d6eb02c4ca7f1857edbeb4e5a4dddc8

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

applied/ubuntu/trusty-updates 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-applied version 3.3.8-1ubuntu6.11 to applied/ubuntu/trusty-sec...

Author: Marc Deslauriers
Author Date: 2018-02-01 15:11:57 UTC

Import patches-applied version 3.3.8-1ubuntu6.11 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: b7cc2d958f0da2d71e381dec356d419552221456
Unapplied parent: 7ecb42071d4a7f601a99ad227bffe40ab46220ab

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

ubuntu/artful-updates 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-unapplied version 3.5.23-5ubuntu1.1 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-02-01 15:08:51 UTC

Import patches-unapplied version 3.5.23-5ubuntu1.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 76880b2469d4d576c4fcf4be98a7d2454184e127

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

applied/ubuntu/trusty-security 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-applied version 3.3.8-1ubuntu6.11 to applied/ubuntu/trusty-sec...

Author: Marc Deslauriers
Author Date: 2018-02-01 15:11:57 UTC

Import patches-applied version 3.3.8-1ubuntu6.11 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: b7cc2d958f0da2d71e381dec356d419552221456
Unapplied parent: 7ecb42071d4a7f601a99ad227bffe40ab46220ab

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

applied/ubuntu/trusty-devel 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-applied version 3.3.8-1ubuntu6.11 to applied/ubuntu/trusty-sec...

Author: Marc Deslauriers
Author Date: 2018-02-01 15:11:57 UTC

Import patches-applied version 3.3.8-1ubuntu6.11 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: b7cc2d958f0da2d71e381dec356d419552221456
Unapplied parent: 7ecb42071d4a7f601a99ad227bffe40ab46220ab

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

ubuntu/xenial-security 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-unapplied version 3.5.12-1ubuntu7.5 to ubuntu/xenial-security

Author: Marc Deslauriers
Author Date: 2018-02-01 14:56:31 UTC

Import patches-unapplied version 3.5.12-1ubuntu7.5 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 1ba3c2f3ef77a1fe4f1e2989052562b19fc9401d

New changelog entries:
  * SECURITY UPDATE: various denial of service issues
    - debian/patches/CVE-2016-25xx-1.patch: better handling of huge
      response headers in src/http.cc.
    - debian/patches/CVE-2016-25xx-2.patch: throw instead of asserting on
      some String overflows in src/SquidString.h, src/StrList.cc,
      src/String.cc, src/clients/Client.cc, src/clients/Client.h,
      src/clients/FtpClient.cc, src/http.cc.
    - debian/patches/CVE-2016-25xx-3.patch: fix assertion in custom ESI
      parser in src/esi/CustomParser.cc, src/esi/CustomParser.h.
    - debian/patches/CVE-2016-25xx-4.patch: fix assertion in
      src/FwdState.cc, src/FwdState.h, src/clients/Client.h, src/comm.cc,
      src/comm.h, src/http.cc.
    - CVE-2016-2569
    - CVE-2016-2570
    - CVE-2016-2571
  * SECURITY UPDATE: denial of service via crafted HTTP response
    - debian/patches/CVE-2016-3948.patch: convert Vary handling to SBuf in
      src/HttpRequest.cc, src/HttpRequest.h, src/MemObject.cc,
      src/MemObject.h, src/MemStore.cc, src/StoreMetaVary.cc,
      src/client_side.cc, src/client_side_reply.cc, src/http.cc,
      src/http.h, src/store.cc, src/store_key_md5.cc,
      src/store_swapmeta.cc, src/tests/stub_MemObject.cc,
      src/tests/stub_http.cc.
    - CVE-2016-3948
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

applied/ubuntu/xenial-security 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-applied version 3.5.12-1ubuntu7.5 to applied/ubuntu/xenial-sec...

Author: Marc Deslauriers
Author Date: 2018-02-01 14:56:31 UTC

Import patches-applied version 3.5.12-1ubuntu7.5 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 92efb68ce17c871fb490fe2cabff4333cbe72324
Unapplied parent: fa4c590423093aa573b441a1ce755d81ec7247ee

New changelog entries:
  * SECURITY UPDATE: various denial of service issues
    - debian/patches/CVE-2016-25xx-1.patch: better handling of huge
      response headers in src/http.cc.
    - debian/patches/CVE-2016-25xx-2.patch: throw instead of asserting on
      some String overflows in src/SquidString.h, src/StrList.cc,
      src/String.cc, src/clients/Client.cc, src/clients/Client.h,
      src/clients/FtpClient.cc, src/http.cc.
    - debian/patches/CVE-2016-25xx-3.patch: fix assertion in custom ESI
      parser in src/esi/CustomParser.cc, src/esi/CustomParser.h.
    - debian/patches/CVE-2016-25xx-4.patch: fix assertion in
      src/FwdState.cc, src/FwdState.h, src/clients/Client.h, src/comm.cc,
      src/comm.h, src/http.cc.
    - CVE-2016-2569
    - CVE-2016-2570
    - CVE-2016-2571
  * SECURITY UPDATE: denial of service via crafted HTTP response
    - debian/patches/CVE-2016-3948.patch: convert Vary handling to SBuf in
      src/HttpRequest.cc, src/HttpRequest.h, src/MemObject.cc,
      src/MemObject.h, src/MemStore.cc, src/StoreMetaVary.cc,
      src/client_side.cc, src/client_side_reply.cc, src/http.cc,
      src/http.h, src/store.cc, src/store_key_md5.cc,
      src/store_swapmeta.cc, src/tests/stub_MemObject.cc,
      src/tests/stub_http.cc.
    - CVE-2016-3948
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

applied/ubuntu/artful-security 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-applied version 3.5.23-5ubuntu1.1 to applied/ubuntu/artful-sec...

Author: Marc Deslauriers
Author Date: 2018-02-01 15:08:51 UTC

Import patches-applied version 3.5.23-5ubuntu1.1 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: c9f09a0b71ddb99145dec708c892657aedffbf8d
Unapplied parent: af8242cf1d6eb02c4ca7f1857edbeb4e5a4dddc8

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

ubuntu/artful-devel 2018-02-05 17:50:20 UTC 2018-02-05
Import patches-unapplied version 3.5.23-5ubuntu1.1 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-02-01 15:08:51 UTC

Import patches-unapplied version 3.5.23-5ubuntu1.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 76880b2469d4d576c4fcf4be98a7d2454184e127

New changelog entries:
  * SECURITY UPDATE: denial of service in ESI Response processing
    - debian/patches/CVE-2018-1000024.patch: make sure endofName never
      exceeds tagEnd in src/esi/CustomParser.cc.
    - CVE-2018-1000024
  * SECURITY UPDATE: denial of service in in HTTP Message processing
    - debian/patches/CVE-2018-1000027.patch: fix indirect IP logging for
      transactions without a client connection in
      src/client_side_request.cc.
    - CVE-2018-1000027

ubuntu/trusty-proposed 2017-10-11 14:09:03 UTC 2017-10-11
Import patches-unapplied version 3.3.8-1ubuntu6.10 to ubuntu/trusty-proposed

Author: Andreas Hasenack
Author Date: 2017-09-28 16:23:01 UTC

Import patches-unapplied version 3.3.8-1ubuntu6.10 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: fd21b6e8c7851fd973b2f22d5c665df26b7cc474
Upload parent: e82a0caa94aff9600ce3e6973042dc65d0cfeb1e

New changelog entries:
  * debian/patches/fix-assertion-ftp-put-empty-file.patch: Fix ftp
    assertion error when uploading empty file. Thanks to Alex Rousskov
    <rousskov@measurement-factory.com>. Closes LP: #1423498.

applied/ubuntu/trusty-proposed 2017-10-11 14:09:03 UTC 2017-10-11
Import patches-applied version 3.3.8-1ubuntu6.10 to applied/ubuntu/trusty-pro...

Author: Andreas Hasenack
Author Date: 2017-09-28 16:23:01 UTC

Import patches-applied version 3.3.8-1ubuntu6.10 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: e6384b1a310dd297d0e5f0d9aacdcc77d71b3ba1
Unapplied parent: 2654ea58b7a78a9f2d1fdcc74e8498be8e6cc4fd

New changelog entries:
  * debian/patches/fix-assertion-ftp-put-empty-file.patch: Fix ftp
    assertion error when uploading empty file. Thanks to Alex Rousskov
    <rousskov@measurement-factory.com>. Closes LP: #1423498.

applied/ubuntu/artful-proposed 2017-08-24 22:43:29 UTC 2017-08-24
Import patches-applied version 3.5.23-5ubuntu1 to applied/ubuntu/artful-proposed

Author: Andreas Hasenack
Author Date: 2017-08-24 19:04:35 UTC

Import patches-applied version 3.5.23-5ubuntu1 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 423bd465ad53619adad08e1adcf93f8a959140a9
Unapplied parent: 3dd9ac5fd7a713f055fa7d5df4ac3b36256f9c3a

New changelog entries:
  * Merge with Debian unstable (LP: #1712653). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
    - Correct attribution and add explanatory note in d/NEWS.debian.
    - Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
      happened in Xenial, so no upgrade path still requires this code. This
      reduces upgrade ordering difficulty.
    - Adjust seddery for upstream test squid binary location.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
  * Drop:
    - Add missing Pre-Depends on adduser.
      [Fixed in Debian 3.5.23-2]
  * GCC7 FTBFS fixes (LP: #1712668):
    - d/rules: don't error when hitting the "deprecated" and
      "format-truncation" gcc7 warnings. Upstream 3.5.27 has fixes for these,
      but one in Format.cc that affects 32bit builds was deemed too intrusive
      for the 3.5 stable series and is only in squid 4.x
    - debian/patches/gcc7-squidpurge-4695.patch: GCC 7 build errors.
      Thanks to Lubos Uhliarik <luhliari@redhat.com>.
    - debian/patches/gcc7-assert-wants-boolean.patch: assert() takes a
      boolean. Thanks to Amos Jeffries <squid3@treenet.co.nz>

ubuntu/artful-proposed 2017-08-24 22:43:29 UTC 2017-08-24
Import patches-unapplied version 3.5.23-5ubuntu1 to ubuntu/artful-proposed

Author: Andreas Hasenack
Author Date: 2017-08-24 19:04:35 UTC

Import patches-unapplied version 3.5.23-5ubuntu1 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: f85827a8ca2fa987bd9ded15a048d43c33f22fcc
Upload parent: 66a53e162dfc8c55739c145bd34a49b047dbdae1

New changelog entries:
  * Merge with Debian unstable (LP: #1712653). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
    - Correct attribution and add explanatory note in d/NEWS.debian.
    - Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
      happened in Xenial, so no upgrade path still requires this code. This
      reduces upgrade ordering difficulty.
    - Adjust seddery for upstream test squid binary location.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
  * Drop:
    - Add missing Pre-Depends on adduser.
      [Fixed in Debian 3.5.23-2]
  * GCC7 FTBFS fixes (LP: #1712668):
    - d/rules: don't error when hitting the "deprecated" and
      "format-truncation" gcc7 warnings. Upstream 3.5.27 has fixes for these,
      but one in Format.cc that affects 32bit builds was deemed too intrusive
      for the 3.5 stable series and is only in squid 4.x
    - debian/patches/gcc7-squidpurge-4695.patch: GCC 7 build errors.
      Thanks to Lubos Uhliarik <luhliari@redhat.com>.
    - debian/patches/gcc7-assert-wants-boolean.patch: assert() takes a
      boolean. Thanks to Amos Jeffries <squid3@treenet.co.nz>

ubuntu/artful 2017-08-24 22:43:29 UTC 2017-08-24
Import patches-unapplied version 3.5.23-5ubuntu1 to ubuntu/artful-proposed

Author: Andreas Hasenack
Author Date: 2017-08-24 19:04:35 UTC

Import patches-unapplied version 3.5.23-5ubuntu1 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: f85827a8ca2fa987bd9ded15a048d43c33f22fcc
Upload parent: 66a53e162dfc8c55739c145bd34a49b047dbdae1

New changelog entries:
  * Merge with Debian unstable (LP: #1712653). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
    - Correct attribution and add explanatory note in d/NEWS.debian.
    - Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
      happened in Xenial, so no upgrade path still requires this code. This
      reduces upgrade ordering difficulty.
    - Adjust seddery for upstream test squid binary location.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
  * Drop:
    - Add missing Pre-Depends on adduser.
      [Fixed in Debian 3.5.23-2]
  * GCC7 FTBFS fixes (LP: #1712668):
    - d/rules: don't error when hitting the "deprecated" and
      "format-truncation" gcc7 warnings. Upstream 3.5.27 has fixes for these,
      but one in Format.cc that affects 32bit builds was deemed too intrusive
      for the 3.5 stable series and is only in squid 4.x
    - debian/patches/gcc7-squidpurge-4695.patch: GCC 7 build errors.
      Thanks to Lubos Uhliarik <luhliari@redhat.com>.
    - debian/patches/gcc7-assert-wants-boolean.patch: assert() takes a
      boolean. Thanks to Amos Jeffries <squid3@treenet.co.nz>

applied/ubuntu/artful 2017-08-24 22:43:29 UTC 2017-08-24
Import patches-applied version 3.5.23-5ubuntu1 to applied/ubuntu/artful-proposed

Author: Andreas Hasenack
Author Date: 2017-08-24 19:04:35 UTC

Import patches-applied version 3.5.23-5ubuntu1 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 423bd465ad53619adad08e1adcf93f8a959140a9
Unapplied parent: 3dd9ac5fd7a713f055fa7d5df4ac3b36256f9c3a

New changelog entries:
  * Merge with Debian unstable (LP: #1712653). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
    - Correct attribution and add explanatory note in d/NEWS.debian.
    - Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
      happened in Xenial, so no upgrade path still requires this code. This
      reduces upgrade ordering difficulty.
    - Adjust seddery for upstream test squid binary location.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
  * Drop:
    - Add missing Pre-Depends on adduser.
      [Fixed in Debian 3.5.23-2]
  * GCC7 FTBFS fixes (LP: #1712668):
    - d/rules: don't error when hitting the "deprecated" and
      "format-truncation" gcc7 warnings. Upstream 3.5.27 has fixes for these,
      but one in Format.cc that affects 32bit builds was deemed too intrusive
      for the 3.5 stable series and is only in squid 4.x
    - debian/patches/gcc7-squidpurge-4695.patch: GCC 7 build errors.
      Thanks to Lubos Uhliarik <luhliari@redhat.com>.
    - debian/patches/gcc7-assert-wants-boolean.patch: assert() takes a
      boolean. Thanks to Amos Jeffries <squid3@treenet.co.nz>

applied/ubuntu/zesty-proposed 2017-02-10 11:38:27 UTC 2017-02-10
Import patches-applied version 3.5.23-1ubuntu1 to applied/ubuntu/zesty-proposed

Author: Robie Basak
Author Date: 2017-01-24 15:47:44 UTC

Import patches-applied version 3.5.23-1ubuntu1 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c779b4bfec41007b484ffec370b34d9da480a190
Unapplied parent: ff16213445dabc6e8be792deba57650d677afbe0

New changelog entries:
  * Merge from Debian (LP: #1644538). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - Add missing Pre-Depends on adduser.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
  * Drop changes (adopted in Debian):
    - Run sarg-reports if present before rotating logs.
    - Add lsb-release build dep.
  * Drop changes that no longer make a functional difference in Ubuntu, but may
    still be relevant to send to Debian:
    - d/squid3.postinst: don't try to stop squid3 again.
    - d/squid3.postrm: don't rm -f conffiles in purge.
    - Drop squid3 dependencies on ${shlib:Depends} and lsb-base.
    - Drop creation of /etc/squid.
  * Drop unnecessary changes:
    - Add executable bits to d/squid.preinst.
  * Drop changes relating to the upgrade path from prior to Xenial, so no
    longer required:
    - /var/spool/squid3 upgrade path handling.
    - Conffile upgrade path handling.
    - Remove redundant version-guarded restart code from squid postinst.
    - Clean up apparmor links for usr.sbin.squid3 on upgrade.
    - Attempt to migrate /var/log/squid3 -> /var/log/squid on upgrade.
    - Add Breaks on older ufw to fix upgrade path.
    - Use Breaks instead of Conflicts. Instead, drop the Conflicts/Replaces
      entirely (see below).
  * Drop security fixes: all included in 3.5.23 upstream.
  * Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
    happened in Xenial, so no upgrade path still requires this code. This
    reduces upgrade ordering difficulty.
  * Fix failing autopkgtests:
    - Adjust Python module dependencies.
    - Correctly handle the squid3 -> squid rename.
    - Adjust seddery for upstream test squid binary location.
  * Drop dependency on init-system-helpers. This was introduced in LP 1432683.
    Since we no longer ship an upstart job, it is no longer required.
  * Correct attribution and add explanatory note in d/NEWS.debian.

ubuntu/zesty-devel 2017-02-10 11:38:27 UTC 2017-02-10
Import patches-unapplied version 3.5.23-1ubuntu1 to ubuntu/zesty-proposed

Author: Robie Basak
Author Date: 2017-01-24 15:47:44 UTC

Import patches-unapplied version 3.5.23-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 6893a8ff86d6aa64ddbf024f272623fd5c01634c
Upload parent: 43e5b2db070aa94cbced3acef473be6cce59d60d

New changelog entries:
  * Merge from Debian (LP: #1644538). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - Add missing Pre-Depends on adduser.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
  * Drop changes (adopted in Debian):
    - Run sarg-reports if present before rotating logs.
    - Add lsb-release build dep.
  * Drop changes that no longer make a functional difference in Ubuntu, but may
    still be relevant to send to Debian:
    - d/squid3.postinst: don't try to stop squid3 again.
    - d/squid3.postrm: don't rm -f conffiles in purge.
    - Drop squid3 dependencies on ${shlib:Depends} and lsb-base.
    - Drop creation of /etc/squid.
  * Drop unnecessary changes:
    - Add executable bits to d/squid.preinst.
  * Drop changes relating to the upgrade path from prior to Xenial, so no
    longer required:
    - /var/spool/squid3 upgrade path handling.
    - Conffile upgrade path handling.
    - Remove redundant version-guarded restart code from squid postinst.
    - Clean up apparmor links for usr.sbin.squid3 on upgrade.
    - Attempt to migrate /var/log/squid3 -> /var/log/squid on upgrade.
    - Add Breaks on older ufw to fix upgrade path.
    - Use Breaks instead of Conflicts. Instead, drop the Conflicts/Replaces
      entirely (see below).
  * Drop security fixes: all included in 3.5.23 upstream.
  * Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
    happened in Xenial, so no upgrade path still requires this code. This
    reduces upgrade ordering difficulty.
  * Fix failing autopkgtests:
    - Adjust Python module dependencies.
    - Correctly handle the squid3 -> squid rename.
    - Adjust seddery for upstream test squid binary location.
  * Drop dependency on init-system-helpers. This was introduced in LP 1432683.
    Since we no longer ship an upstart job, it is no longer required.
  * Correct attribution and add explanatory note in d/NEWS.debian.

ubuntu/zesty-proposed 2017-02-10 11:38:27 UTC 2017-02-10
Import patches-unapplied version 3.5.23-1ubuntu1 to ubuntu/zesty-proposed

Author: Robie Basak
Author Date: 2017-01-24 15:47:44 UTC

Import patches-unapplied version 3.5.23-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 6893a8ff86d6aa64ddbf024f272623fd5c01634c
Upload parent: 43e5b2db070aa94cbced3acef473be6cce59d60d

New changelog entries:
  * Merge from Debian (LP: #1644538). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - Add missing Pre-Depends on adduser.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
  * Drop changes (adopted in Debian):
    - Run sarg-reports if present before rotating logs.
    - Add lsb-release build dep.
  * Drop changes that no longer make a functional difference in Ubuntu, but may
    still be relevant to send to Debian:
    - d/squid3.postinst: don't try to stop squid3 again.
    - d/squid3.postrm: don't rm -f conffiles in purge.
    - Drop squid3 dependencies on ${shlib:Depends} and lsb-base.
    - Drop creation of /etc/squid.
  * Drop unnecessary changes:
    - Add executable bits to d/squid.preinst.
  * Drop changes relating to the upgrade path from prior to Xenial, so no
    longer required:
    - /var/spool/squid3 upgrade path handling.
    - Conffile upgrade path handling.
    - Remove redundant version-guarded restart code from squid postinst.
    - Clean up apparmor links for usr.sbin.squid3 on upgrade.
    - Attempt to migrate /var/log/squid3 -> /var/log/squid on upgrade.
    - Add Breaks on older ufw to fix upgrade path.
    - Use Breaks instead of Conflicts. Instead, drop the Conflicts/Replaces
      entirely (see below).
  * Drop security fixes: all included in 3.5.23 upstream.
  * Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
    happened in Xenial, so no upgrade path still requires this code. This
    reduces upgrade ordering difficulty.
  * Fix failing autopkgtests:
    - Adjust Python module dependencies.
    - Correctly handle the squid3 -> squid rename.
    - Adjust seddery for upstream test squid binary location.
  * Drop dependency on init-system-helpers. This was introduced in LP 1432683.
    Since we no longer ship an upstart job, it is no longer required.
  * Correct attribution and add explanatory note in d/NEWS.debian.

applied/ubuntu/zesty 2017-02-10 11:38:27 UTC 2017-02-10
Import patches-applied version 3.5.23-1ubuntu1 to applied/ubuntu/zesty-proposed

Author: Robie Basak
Author Date: 2017-01-24 15:47:44 UTC

Import patches-applied version 3.5.23-1ubuntu1 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c779b4bfec41007b484ffec370b34d9da480a190
Unapplied parent: ff16213445dabc6e8be792deba57650d677afbe0

New changelog entries:
  * Merge from Debian (LP: #1644538). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - Add missing Pre-Depends on adduser.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
  * Drop changes (adopted in Debian):
    - Run sarg-reports if present before rotating logs.
    - Add lsb-release build dep.
  * Drop changes that no longer make a functional difference in Ubuntu, but may
    still be relevant to send to Debian:
    - d/squid3.postinst: don't try to stop squid3 again.
    - d/squid3.postrm: don't rm -f conffiles in purge.
    - Drop squid3 dependencies on ${shlib:Depends} and lsb-base.
    - Drop creation of /etc/squid.
  * Drop unnecessary changes:
    - Add executable bits to d/squid.preinst.
  * Drop changes relating to the upgrade path from prior to Xenial, so no
    longer required:
    - /var/spool/squid3 upgrade path handling.
    - Conffile upgrade path handling.
    - Remove redundant version-guarded restart code from squid postinst.
    - Clean up apparmor links for usr.sbin.squid3 on upgrade.
    - Attempt to migrate /var/log/squid3 -> /var/log/squid on upgrade.
    - Add Breaks on older ufw to fix upgrade path.
    - Use Breaks instead of Conflicts. Instead, drop the Conflicts/Replaces
      entirely (see below).
  * Drop security fixes: all included in 3.5.23 upstream.
  * Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
    happened in Xenial, so no upgrade path still requires this code. This
    reduces upgrade ordering difficulty.
  * Fix failing autopkgtests:
    - Adjust Python module dependencies.
    - Correctly handle the squid3 -> squid rename.
    - Adjust seddery for upstream test squid binary location.
  * Drop dependency on init-system-helpers. This was introduced in LP 1432683.
    Since we no longer ship an upstart job, it is no longer required.
  * Correct attribution and add explanatory note in d/NEWS.debian.

applied/ubuntu/zesty-devel 2017-02-10 11:38:27 UTC 2017-02-10
Import patches-applied version 3.5.23-1ubuntu1 to applied/ubuntu/zesty-proposed

Author: Robie Basak
Author Date: 2017-01-24 15:47:44 UTC

Import patches-applied version 3.5.23-1ubuntu1 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c779b4bfec41007b484ffec370b34d9da480a190
Unapplied parent: ff16213445dabc6e8be792deba57650d677afbe0

New changelog entries:
  * Merge from Debian (LP: #1644538). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - Add missing Pre-Depends on adduser.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
  * Drop changes (adopted in Debian):
    - Run sarg-reports if present before rotating logs.
    - Add lsb-release build dep.
  * Drop changes that no longer make a functional difference in Ubuntu, but may
    still be relevant to send to Debian:
    - d/squid3.postinst: don't try to stop squid3 again.
    - d/squid3.postrm: don't rm -f conffiles in purge.
    - Drop squid3 dependencies on ${shlib:Depends} and lsb-base.
    - Drop creation of /etc/squid.
  * Drop unnecessary changes:
    - Add executable bits to d/squid.preinst.
  * Drop changes relating to the upgrade path from prior to Xenial, so no
    longer required:
    - /var/spool/squid3 upgrade path handling.
    - Conffile upgrade path handling.
    - Remove redundant version-guarded restart code from squid postinst.
    - Clean up apparmor links for usr.sbin.squid3 on upgrade.
    - Attempt to migrate /var/log/squid3 -> /var/log/squid on upgrade.
    - Add Breaks on older ufw to fix upgrade path.
    - Use Breaks instead of Conflicts. Instead, drop the Conflicts/Replaces
      entirely (see below).
  * Drop security fixes: all included in 3.5.23 upstream.
  * Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
    happened in Xenial, so no upgrade path still requires this code. This
    reduces upgrade ordering difficulty.
  * Fix failing autopkgtests:
    - Adjust Python module dependencies.
    - Correctly handle the squid3 -> squid rename.
    - Adjust seddery for upstream test squid binary location.
  * Drop dependency on init-system-helpers. This was introduced in LP 1432683.
    Since we no longer ship an upstart job, it is no longer required.
  * Correct attribution and add explanatory note in d/NEWS.debian.

ubuntu/zesty 2017-02-10 11:38:27 UTC 2017-02-10
Import patches-unapplied version 3.5.23-1ubuntu1 to ubuntu/zesty-proposed

Author: Robie Basak
Author Date: 2017-01-24 15:47:44 UTC

Import patches-unapplied version 3.5.23-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 6893a8ff86d6aa64ddbf024f272623fd5c01634c
Upload parent: 43e5b2db070aa94cbced3acef473be6cce59d60d

New changelog entries:
  * Merge from Debian (LP: #1644538). Remaining changes:
    - Add additional dep8 tests.
    - Use snakeoil certificates.
    - Add an example refresh pattern for debs.
    - Add disabled by default AppArmor profile.
    - Revert "Set pidfile for systemd's sysv-generator" from Debian.
    - Drop wrong short-circuiting of various invocations; we always want to
      call the debhelper block.
    - Add missing Pre-Depends on adduser.
    - Enable autoreconf. This is no longer required for the security updates,
      but is needed for the seddery of test-suite/Makefile.am in
      d/t/upstream-test-suite.
  * Drop changes (adopted in Debian):
    - Run sarg-reports if present before rotating logs.
    - Add lsb-release build dep.
  * Drop changes that no longer make a functional difference in Ubuntu, but may
    still be relevant to send to Debian:
    - d/squid3.postinst: don't try to stop squid3 again.
    - d/squid3.postrm: don't rm -f conffiles in purge.
    - Drop squid3 dependencies on ${shlib:Depends} and lsb-base.
    - Drop creation of /etc/squid.
  * Drop unnecessary changes:
    - Add executable bits to d/squid.preinst.
  * Drop changes relating to the upgrade path from prior to Xenial, so no
    longer required:
    - /var/spool/squid3 upgrade path handling.
    - Conffile upgrade path handling.
    - Remove redundant version-guarded restart code from squid postinst.
    - Clean up apparmor links for usr.sbin.squid3 on upgrade.
    - Attempt to migrate /var/log/squid3 -> /var/log/squid on upgrade.
    - Add Breaks on older ufw to fix upgrade path.
    - Use Breaks instead of Conflicts. Instead, drop the Conflicts/Replaces
      entirely (see below).
  * Drop security fixes: all included in 3.5.23 upstream.
  * Drop Conflicts/Replaces of squid against squid3. In Ubuntu, the migration
    happened in Xenial, so no upgrade path still requires this code. This
    reduces upgrade ordering difficulty.
  * Fix failing autopkgtests:
    - Adjust Python module dependencies.
    - Correctly handle the squid3 -> squid rename.
    - Adjust seddery for upstream test squid binary location.
  * Drop dependency on init-system-helpers. This was introduced in LP 1432683.
    Since we no longer ship an upstart job, it is no longer required.
  * Correct attribution and add explanatory note in d/NEWS.debian.

ubuntu/precise-updates 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-unapplied version 3.1.19-1ubuntu3.12.04.8 to ubuntu/precise-se...

Author: Marc Deslauriers
Author Date: 2017-02-06 15:00:45 UTC

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.8 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: aa61d8c138ae433c186ee380281d1fa5c08b82c5

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/client_side_reply.cc,
      src/client_side_reply.h.
    - CVE-2016-10002

applied/ubuntu/precise-updates 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-applied version 3.1.19-1ubuntu3.12.04.8 to applied/ubuntu/prec...

Author: Marc Deslauriers
Author Date: 2017-02-06 15:00:45 UTC

Import patches-applied version 3.1.19-1ubuntu3.12.04.8 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 7016d6f6ed5bdace7d57c6d8ce05db6dfa835e8b
Unapplied parent: 246068e749f591521cb7c07066d9756c4a79313f

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/client_side_reply.cc,
      src/client_side_reply.h.
    - CVE-2016-10002

applied/ubuntu/precise-security 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-applied version 3.1.19-1ubuntu3.12.04.8 to applied/ubuntu/prec...

Author: Marc Deslauriers
Author Date: 2017-02-06 15:00:45 UTC

Import patches-applied version 3.1.19-1ubuntu3.12.04.8 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 7016d6f6ed5bdace7d57c6d8ce05db6dfa835e8b
Unapplied parent: 246068e749f591521cb7c07066d9756c4a79313f

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/client_side_reply.cc,
      src/client_side_reply.h.
    - CVE-2016-10002

applied/ubuntu/precise-devel 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-applied version 3.1.19-1ubuntu3.12.04.8 to applied/ubuntu/prec...

Author: Marc Deslauriers
Author Date: 2017-02-06 15:00:45 UTC

Import patches-applied version 3.1.19-1ubuntu3.12.04.8 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 7016d6f6ed5bdace7d57c6d8ce05db6dfa835e8b
Unapplied parent: 246068e749f591521cb7c07066d9756c4a79313f

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/client_side_reply.cc,
      src/client_side_reply.h.
    - CVE-2016-10002

ubuntu/precise-devel 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-unapplied version 3.1.19-1ubuntu3.12.04.8 to ubuntu/precise-se...

Author: Marc Deslauriers
Author Date: 2017-02-06 15:00:45 UTC

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.8 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: aa61d8c138ae433c186ee380281d1fa5c08b82c5

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/client_side_reply.cc,
      src/client_side_reply.h.
    - CVE-2016-10002

ubuntu/precise-security 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-unapplied version 3.1.19-1ubuntu3.12.04.8 to ubuntu/precise-se...

Author: Marc Deslauriers
Author Date: 2017-02-06 15:00:45 UTC

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.8 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: aa61d8c138ae433c186ee380281d1fa5c08b82c5

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/client_side_reply.cc,
      src/client_side_reply.h.
    - CVE-2016-10002

ubuntu/yakkety-security 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-unapplied version 3.5.12-1ubuntu8.1 to ubuntu/yakkety-security

Author: Marc Deslauriers
Author Date: 2017-02-03 19:08:07 UTC

Import patches-unapplied version 3.5.12-1ubuntu8.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 246ae5cd1a0cc319738b919dd8d209b0a6a3a9e2

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/LogTags.h, src/client_side.cc,
      src/client_side_reply.cc, src/client_side_reply.h.
    - CVE-2016-10002
  * SECURITY UPDATE: incorrect HTTP Request header comparison
    - debian/patches/CVE-2016-10003.patch: don't share private responses
      with collapsed client in src/client_side_reply.cc.
    - CVE-2016-10003

applied/ubuntu/yakkety-security 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-applied version 3.5.12-1ubuntu8.1 to applied/ubuntu/yakkety-se...

Author: Marc Deslauriers
Author Date: 2017-02-03 19:08:07 UTC

Import patches-applied version 3.5.12-1ubuntu8.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 1eb2a369c02d401fccb911787b61ad5d8e17d6d1
Unapplied parent: 540017bdeeb91f99a8aebb4713ac07bb77eb1a8e

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/LogTags.h, src/client_side.cc,
      src/client_side_reply.cc, src/client_side_reply.h.
    - CVE-2016-10002
  * SECURITY UPDATE: incorrect HTTP Request header comparison
    - debian/patches/CVE-2016-10003.patch: don't share private responses
      with collapsed client in src/client_side_reply.cc.
    - CVE-2016-10003

applied/ubuntu/yakkety-devel 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-applied version 3.5.12-1ubuntu8.1 to applied/ubuntu/yakkety-se...

Author: Marc Deslauriers
Author Date: 2017-02-03 19:08:07 UTC

Import patches-applied version 3.5.12-1ubuntu8.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 1eb2a369c02d401fccb911787b61ad5d8e17d6d1
Unapplied parent: 540017bdeeb91f99a8aebb4713ac07bb77eb1a8e

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/LogTags.h, src/client_side.cc,
      src/client_side_reply.cc, src/client_side_reply.h.
    - CVE-2016-10002
  * SECURITY UPDATE: incorrect HTTP Request header comparison
    - debian/patches/CVE-2016-10003.patch: don't share private responses
      with collapsed client in src/client_side_reply.cc.
    - CVE-2016-10003

ubuntu/yakkety-devel 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-unapplied version 3.5.12-1ubuntu8.1 to ubuntu/yakkety-security

Author: Marc Deslauriers
Author Date: 2017-02-03 19:08:07 UTC

Import patches-unapplied version 3.5.12-1ubuntu8.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 246ae5cd1a0cc319738b919dd8d209b0a6a3a9e2

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/LogTags.h, src/client_side.cc,
      src/client_side_reply.cc, src/client_side_reply.h.
    - CVE-2016-10002
  * SECURITY UPDATE: incorrect HTTP Request header comparison
    - debian/patches/CVE-2016-10003.patch: don't share private responses
      with collapsed client in src/client_side_reply.cc.
    - CVE-2016-10003

applied/ubuntu/yakkety-updates 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-applied version 3.5.12-1ubuntu8.1 to applied/ubuntu/yakkety-se...

Author: Marc Deslauriers
Author Date: 2017-02-03 19:08:07 UTC

Import patches-applied version 3.5.12-1ubuntu8.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 1eb2a369c02d401fccb911787b61ad5d8e17d6d1
Unapplied parent: 540017bdeeb91f99a8aebb4713ac07bb77eb1a8e

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/LogTags.h, src/client_side.cc,
      src/client_side_reply.cc, src/client_side_reply.h.
    - CVE-2016-10002
  * SECURITY UPDATE: incorrect HTTP Request header comparison
    - debian/patches/CVE-2016-10003.patch: don't share private responses
      with collapsed client in src/client_side_reply.cc.
    - CVE-2016-10003

ubuntu/yakkety-updates 2017-02-06 18:43:32 UTC 2017-02-06
Import patches-unapplied version 3.5.12-1ubuntu8.1 to ubuntu/yakkety-security

Author: Marc Deslauriers
Author Date: 2017-02-03 19:08:07 UTC

Import patches-unapplied version 3.5.12-1ubuntu8.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 246ae5cd1a0cc319738b919dd8d209b0a6a3a9e2

New changelog entries:
  * SECURITY UPDATE: cookie data leak via If-Not-Modified HTTP conditional
    - debian/patches/CVE-2016-10002.patch: properly handle combination of
      If-Match and a Cache Hit in src/LogTags.h, src/client_side.cc,
      src/client_side_reply.cc, src/client_side_reply.h.
    - CVE-2016-10002
  * SECURITY UPDATE: incorrect HTTP Request header comparison
    - debian/patches/CVE-2016-10003.patch: don't share private responses
      with collapsed client in src/client_side_reply.cc.
    - CVE-2016-10003

applied/ubuntu/wily-updates 2016-06-09 17:09:04 UTC 2016-06-09
Import patches-applied version 3.3.8-1ubuntu16.3 to applied/ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-06-07 14:02:11 UTC

Import patches-applied version 3.3.8-1ubuntu16.3 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: d85a050de913db3a4c3309563f9e94347808c83e
Unapplied parent: 98f80d60ec6c8a77cd2a8a1293261a7d09734240

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, added tests to
      src/tests/Stub.list, src/tests/stub_cbdata.cc, src/tests/stub_mem.cc,
      tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.
  * debian/patches/02-makefile-defaults.patch: also patch src/Makefile.am.

applied/ubuntu/wily-security 2016-06-09 17:09:04 UTC 2016-06-09
Import patches-applied version 3.3.8-1ubuntu16.3 to applied/ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-06-07 14:02:11 UTC

Import patches-applied version 3.3.8-1ubuntu16.3 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: d85a050de913db3a4c3309563f9e94347808c83e
Unapplied parent: 98f80d60ec6c8a77cd2a8a1293261a7d09734240

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, added tests to
      src/tests/Stub.list, src/tests/stub_cbdata.cc, src/tests/stub_mem.cc,
      tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.
  * debian/patches/02-makefile-defaults.patch: also patch src/Makefile.am.

applied/ubuntu/wily-devel 2016-06-09 17:09:04 UTC 2016-06-09
Import patches-applied version 3.3.8-1ubuntu16.3 to applied/ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-06-07 14:02:11 UTC

Import patches-applied version 3.3.8-1ubuntu16.3 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: d85a050de913db3a4c3309563f9e94347808c83e
Unapplied parent: 98f80d60ec6c8a77cd2a8a1293261a7d09734240

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, added tests to
      src/tests/Stub.list, src/tests/stub_cbdata.cc, src/tests/stub_mem.cc,
      tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.
  * debian/patches/02-makefile-defaults.patch: also patch src/Makefile.am.

ubuntu/wily-updates 2016-06-09 17:09:04 UTC 2016-06-09
Import patches-unapplied version 3.3.8-1ubuntu16.3 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-06-07 14:02:11 UTC

Import patches-unapplied version 3.3.8-1ubuntu16.3 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 25ec24265cb2d0676e2459dcfe77a76f2c58125e

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, added tests to
      src/tests/Stub.list, src/tests/stub_cbdata.cc, src/tests/stub_mem.cc,
      tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.
  * debian/patches/02-makefile-defaults.patch: also patch src/Makefile.am.

ubuntu/wily-security 2016-06-09 17:09:04 UTC 2016-06-09
Import patches-unapplied version 3.3.8-1ubuntu16.3 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-06-07 14:02:11 UTC

Import patches-unapplied version 3.3.8-1ubuntu16.3 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 25ec24265cb2d0676e2459dcfe77a76f2c58125e

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, added tests to
      src/tests/Stub.list, src/tests/stub_cbdata.cc, src/tests/stub_mem.cc,
      tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.
  * debian/patches/02-makefile-defaults.patch: also patch src/Makefile.am.

ubuntu/wily-devel 2016-06-09 17:09:04 UTC 2016-06-09
Import patches-unapplied version 3.3.8-1ubuntu16.3 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-06-07 14:02:11 UTC

Import patches-unapplied version 3.3.8-1ubuntu16.3 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 25ec24265cb2d0676e2459dcfe77a76f2c58125e

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, added tests to
      src/tests/Stub.list, src/tests/stub_cbdata.cc, src/tests/stub_mem.cc,
      tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.
  * debian/patches/02-makefile-defaults.patch: also patch src/Makefile.am.

ubuntu/yakkety-proposed 2016-06-08 13:34:29 UTC 2016-06-08
Import patches-unapplied version 3.5.12-1ubuntu8 to ubuntu/yakkety-proposed

Author: Marc Deslauriers
Author Date: 2016-06-08 12:05:32 UTC

Import patches-unapplied version 3.5.12-1ubuntu8 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: a78cf6b97c716dc6dd9d55ce14861dcd1b0e47ba

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, src/tests/stub_cbdata.cc,
      src/tests/stub_mem.cc, tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.

ubuntu/yakkety 2016-06-08 13:34:29 UTC 2016-06-08
Import patches-unapplied version 3.5.12-1ubuntu8 to ubuntu/yakkety-proposed

Author: Marc Deslauriers
Author Date: 2016-06-08 12:05:32 UTC

Import patches-unapplied version 3.5.12-1ubuntu8 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: a78cf6b97c716dc6dd9d55ce14861dcd1b0e47ba

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, src/tests/stub_cbdata.cc,
      src/tests/stub_mem.cc, tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.

applied/ubuntu/yakkety-proposed 2016-06-08 13:34:29 UTC 2016-06-08
Import patches-applied version 3.5.12-1ubuntu8 to applied/ubuntu/yakkety-prop...

Author: Marc Deslauriers
Author Date: 2016-06-08 12:05:32 UTC

Import patches-applied version 3.5.12-1ubuntu8 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: ee6ade0923808494ca5f4747ae9a9989a6fe55a2
Unapplied parent: 740b2bc535bc3328c762f5f49259d180fb2f38bc

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, src/tests/stub_cbdata.cc,
      src/tests/stub_mem.cc, tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.

applied/ubuntu/yakkety 2016-06-08 13:34:29 UTC 2016-06-08
Import patches-applied version 3.5.12-1ubuntu8 to applied/ubuntu/yakkety-prop...

Author: Marc Deslauriers
Author Date: 2016-06-08 12:05:32 UTC

Import patches-applied version 3.5.12-1ubuntu8 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: ee6ade0923808494ca5f4747ae9a9989a6fe55a2
Unapplied parent: 740b2bc535bc3328c762f5f49259d180fb2f38bc

New changelog entries:
  * SECURITY UPDATE: denial of service via pinger and ICMPv6 packet
    - debian/patches/CVE-2016-3947.patch: fix sizes in src/icmp/Icmp6.cc.
    - CVE-2016-3947
  * SECURITY UPDATE: denial of service and possible code execution via
    seeding manager reporter with crafted data
    - debian/patches/CVE-2016-4051.patch: use dynamic MemBuf for internal
      content generation in tools/cachemgr.cc, src/tests/stub_cbdata.cc,
      src/tests/stub_mem.cc, tools/Makefile.am.
    - CVE-2016-4051
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    crafted ESI responses
    - debian/patches/CVE-2016-4052.patch: perform bounds checking and
      remove asserts in src/esi/Esi.cc.
    - CVE-2016-4052
    - CVE-2016-4053
    - CVE-2016-4054
  * SECURITY UPDATE: cache-poisoning attacks via an HTTP request with an
    absolute-URI
    - debian/patches/CVE-2016-4553.patch: properly handle condition in
      src/client_side.cc
    - CVE-2016-4553
  * SECURITY UPDATE: same-origin bypass and cache-poisoning attack via
    crafted HTTP host header
    - debian/patches/CVE-2016-4554.patch: properly handle whitespace in
      src/mime_header.cc.
    - CVE-2016-4554
  * SECURITY UPDATE: denial of service via ESI responses
    - debian/patches/CVE-2016-4555.patch: fix segfaults in
      src/client_side_request.cc, src/esi/Context.h, src/esi/Esi.cc.
    - CVE-2016-4555
    - CVE-2016-4556
  * debian/rules: include autoreconf.mk.
  * debian/control: add dh-autoreconf to BuildDepends.

applied/ubuntu/xenial 2016-04-12 20:34:33 UTC 2016-04-12
Import patches-applied version 3.5.12-1ubuntu7 to applied/ubuntu/xenial-proposed

Author: LaMont Jones
Author Date: 2016-04-12 19:05:00 UTC

Import patches-applied version 3.5.12-1ubuntu7 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 2d4cb97104615cf0f901eec70ffb08d3da1e6085
Unapplied parent: 32f4930afff1d36dad87478137f685e01011fb5a

New changelog entries:
  * Update apparmor profile to be correct for maas-proxy.

ubuntu/xenial 2016-04-12 20:34:33 UTC 2016-04-12
Import patches-unapplied version 3.5.12-1ubuntu7 to ubuntu/xenial-proposed

Author: LaMont Jones
Author Date: 2016-04-12 19:05:00 UTC

Import patches-unapplied version 3.5.12-1ubuntu7 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: ecea56bcf2239bc31ffca28f0059528f4506e8f0

New changelog entries:
  * Update apparmor profile to be correct for maas-proxy.

debian/wheezy 2016-04-02 23:43:32 UTC 2016-04-02
Import patches-unapplied version 3.1.20-2.2+deb7u4 to debian/wheezy

Author: Salvatore Bonaccorso
Author Date: 2016-03-20 13:12:43 UTC

Import patches-unapplied version 3.1.20-2.2+deb7u4 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 0654347f098f9714c1530e534df7eac46fee83b5

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-2571: better handling of huge response headers in
    src/http.cc

applied/debian/wheezy 2016-04-02 23:43:32 UTC 2016-04-02
Import patches-applied version 3.1.20-2.2+deb7u4 to applied/debian/wheezy

Author: Salvatore Bonaccorso
Author Date: 2016-03-20 13:12:43 UTC

Import patches-applied version 3.1.20-2.2+deb7u4 to applied/debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 35b30ee70c542c43c258d4ec45dfabb539598d7e
Unapplied parent: 9bdf21d1be8c32970dbfd447bdfe9699fd72c0a4

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-2571: better handling of huge response headers in
    src/http.cc

applied/ubuntu/precise-proposed 2015-10-15 20:18:51 UTC 2015-10-15
Import patches-applied version 3.1.19-1ubuntu3.12.04.4 to applied/ubuntu/prec...

Author: Tiago Stürmer Daitx
Author Date: 2015-10-14 02:54:20 UTC

Import patches-applied version 3.1.19-1ubuntu3.12.04.4 to applied/ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: bde170ce9ffee086b3e6a16f44d468c02f20155b
Unapplied parent: 3b6ebcaa3e634eee98727470619351a8c4e81cf6

New changelog entries:
  * d/squid3.upstart: Use SIGINT to terminate squid and wait at most 40
    seconds for it to finish. (LP: #1073478)

ubuntu/precise-proposed 2015-10-15 20:18:51 UTC 2015-10-15
Import patches-unapplied version 3.1.19-1ubuntu3.12.04.4 to ubuntu/precise-pr...

Author: Tiago Stürmer Daitx
Author Date: 2015-10-14 02:54:20 UTC

Import patches-unapplied version 3.1.19-1ubuntu3.12.04.4 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 28d29473fbaeb13777952a302e8254b4172cfb8b

New changelog entries:
  * d/squid3.upstart: Use SIGINT to terminate squid and wait at most 40
    seconds for it to finish. (LP: #1073478)

applied/ubuntu/wily-proposed 2015-10-09 05:14:02 UTC 2015-10-09
Import patches-applied version 3.3.8-1ubuntu16 to applied/ubuntu/wily-proposed

Author: Steve Langasek
Author Date: 2015-10-09 00:29:47 UTC

Import patches-applied version 3.3.8-1ubuntu16 to applied/ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 50773f0e0c83115934383657796a1d12dcef326e
Unapplied parent: a3cd1464d342adad3458e434281f16524014f88e

New changelog entries:
  [ Tiago Stürmer Daitx ]
  * d/patches/fix-logical-not-parentheses-warning.patch: Fix warning for
    logical-not-parentheses which caused squid to FTBFS. (LP: #1496924)
  * d/patches/netfilter_fix.patch: Backported from Squid Bug #4323.
    (LP: #1496223)
  * d/patches/fix-pod2name-pipe-failure.patch: Add --name parameter to
    pod2man (LP: #1501566)
  * roll back build-dependency to libecap2-dev, this version of squid3 is not
    compatible with libecap3 and libecap3 transition has been rolled back for
    wily.

applied/ubuntu/wily 2015-10-09 05:14:02 UTC 2015-10-09
Import patches-applied version 3.3.8-1ubuntu16 to applied/ubuntu/wily-proposed

Author: Steve Langasek
Author Date: 2015-10-09 00:29:47 UTC

Import patches-applied version 3.3.8-1ubuntu16 to applied/ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 50773f0e0c83115934383657796a1d12dcef326e
Unapplied parent: a3cd1464d342adad3458e434281f16524014f88e

New changelog entries:
  [ Tiago Stürmer Daitx ]
  * d/patches/fix-logical-not-parentheses-warning.patch: Fix warning for
    logical-not-parentheses which caused squid to FTBFS. (LP: #1496924)
  * d/patches/netfilter_fix.patch: Backported from Squid Bug #4323.
    (LP: #1496223)
  * d/patches/fix-pod2name-pipe-failure.patch: Add --name parameter to
    pod2man (LP: #1501566)
  * roll back build-dependency to libecap2-dev, this version of squid3 is not
    compatible with libecap3 and libecap3 transition has been rolled back for
    wily.

ubuntu/wily-proposed 2015-10-09 05:14:02 UTC 2015-10-09
Import patches-unapplied version 3.3.8-1ubuntu16 to ubuntu/wily-proposed

Author: Steve Langasek
Author Date: 2015-10-09 00:29:47 UTC

Import patches-unapplied version 3.3.8-1ubuntu16 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 3a22b0c4d55691c969c224a022c1dd230c944cbf

New changelog entries:
  [ Tiago Stürmer Daitx ]
  * d/patches/fix-logical-not-parentheses-warning.patch: Fix warning for
    logical-not-parentheses which caused squid to FTBFS. (LP: #1496924)
  * d/patches/netfilter_fix.patch: Backported from Squid Bug #4323.
    (LP: #1496223)
  * d/patches/fix-pod2name-pipe-failure.patch: Add --name parameter to
    pod2man (LP: #1501566)
  * roll back build-dependency to libecap2-dev, this version of squid3 is not
    compatible with libecap3 and libecap3 transition has been rolled back for
    wily.

ubuntu/wily 2015-10-09 05:14:02 UTC 2015-10-09
Import patches-unapplied version 3.3.8-1ubuntu16 to ubuntu/wily-proposed

Author: Steve Langasek
Author Date: 2015-10-09 00:29:47 UTC

Import patches-unapplied version 3.3.8-1ubuntu16 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 3a22b0c4d55691c969c224a022c1dd230c944cbf

New changelog entries:
  [ Tiago Stürmer Daitx ]
  * d/patches/fix-logical-not-parentheses-warning.patch: Fix warning for
    logical-not-parentheses which caused squid to FTBFS. (LP: #1496924)
  * d/patches/netfilter_fix.patch: Backported from Squid Bug #4323.
    (LP: #1496223)
  * d/patches/fix-pod2name-pipe-failure.patch: Add --name parameter to
    pod2man (LP: #1501566)
  * roll back build-dependency to libecap2-dev, this version of squid3 is not
    compatible with libecap3 and libecap3 transition has been rolled back for
    wily.

ubuntu/vivid-devel 2015-04-02 19:48:25 UTC 2015-04-02
Import patches-unapplied version 3.3.8-1ubuntu14 to ubuntu/vivid-proposed

Author: Serge Hallyn
Author Date: 2015-04-02 16:12:27 UTC

Import patches-unapplied version 3.3.8-1ubuntu14 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 3ed2827fb5d707c44e8d86011235e82937793df5

New changelog entries:
  * Add versioned dependency on init-system-helpers (>> 1.22ubuntu5) to ensure
    we have the apparmor-profile-load script at boot time. (LP: #1432683)

ubuntu/vivid-proposed 2015-04-02 19:48:25 UTC 2015-04-02
Import patches-unapplied version 3.3.8-1ubuntu14 to ubuntu/vivid-proposed

Author: Serge Hallyn
Author Date: 2015-04-02 16:12:27 UTC

Import patches-unapplied version 3.3.8-1ubuntu14 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 3ed2827fb5d707c44e8d86011235e82937793df5

New changelog entries:
  * Add versioned dependency on init-system-helpers (>> 1.22ubuntu5) to ensure
    we have the apparmor-profile-load script at boot time. (LP: #1432683)

applied/ubuntu/vivid-proposed 2015-04-02 19:48:25 UTC 2015-04-02
Import patches-applied version 3.3.8-1ubuntu14 to applied/ubuntu/vivid-proposed

Author: Serge Hallyn
Author Date: 2015-04-02 16:12:27 UTC

Import patches-applied version 3.3.8-1ubuntu14 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 4475e9eb59df8bdf157c3235e31434087a7ed613
Unapplied parent: 40f33b429389410e9c14c1b10ffb4eb0cd111638

New changelog entries:
  * Add versioned dependency on init-system-helpers (>> 1.22ubuntu5) to ensure
    we have the apparmor-profile-load script at boot time. (LP: #1432683)

applied/ubuntu/vivid-devel 2015-04-02 19:48:25 UTC 2015-04-02
Import patches-applied version 3.3.8-1ubuntu14 to applied/ubuntu/vivid-proposed

Author: Serge Hallyn
Author Date: 2015-04-02 16:12:27 UTC

Import patches-applied version 3.3.8-1ubuntu14 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 4475e9eb59df8bdf157c3235e31434087a7ed613
Unapplied parent: 40f33b429389410e9c14c1b10ffb4eb0cd111638

New changelog entries:
  * Add versioned dependency on init-system-helpers (>> 1.22ubuntu5) to ensure
    we have the apparmor-profile-load script at boot time. (LP: #1432683)

applied/ubuntu/vivid 2015-04-02 19:48:25 UTC 2015-04-02
Import patches-applied version 3.3.8-1ubuntu14 to applied/ubuntu/vivid-proposed

Author: Serge Hallyn
Author Date: 2015-04-02 16:12:27 UTC

Import patches-applied version 3.3.8-1ubuntu14 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 4475e9eb59df8bdf157c3235e31434087a7ed613
Unapplied parent: 40f33b429389410e9c14c1b10ffb4eb0cd111638

New changelog entries:
  * Add versioned dependency on init-system-helpers (>> 1.22ubuntu5) to ensure
    we have the apparmor-profile-load script at boot time. (LP: #1432683)

ubuntu/vivid 2015-04-02 19:48:25 UTC 2015-04-02
Import patches-unapplied version 3.3.8-1ubuntu14 to ubuntu/vivid-proposed

Author: Serge Hallyn
Author Date: 2015-04-02 16:12:27 UTC

Import patches-unapplied version 3.3.8-1ubuntu14 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 3ed2827fb5d707c44e8d86011235e82937793df5

New changelog entries:
  * Add versioned dependency on init-system-helpers (>> 1.22ubuntu5) to ensure
    we have the apparmor-profile-load script at boot time. (LP: #1432683)

applied/ubuntu/utopic-updates 2014-11-25 17:03:30 UTC 2014-11-25
Import patches-applied version 3.3.8-1ubuntu8.1 to applied/ubuntu/utopic-secu...

Author: Jorge Niedbalski
Author Date: 2014-11-18 17:47:33 UTC

Import patches-applied version 3.3.8-1ubuntu8.1 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 9c1e0776830aea6b7466d1e1054aac3f71bfe685
Unapplied parent: 44b5b6f9f2f46783fbc76e1f325a5e5b4f6f5e85

New changelog entries:
  * SECURITY UPDATE: Fix various ICMP handling issues in Squid pinger.
    (LP: #1384943)
    - CVE-2014-7141
    - CVE-2014-7142

applied/ubuntu/utopic-security 2014-11-25 17:03:30 UTC 2014-11-25
Import patches-applied version 3.3.8-1ubuntu8.1 to applied/ubuntu/utopic-secu...

Author: Jorge Niedbalski
Author Date: 2014-11-18 17:47:33 UTC

Import patches-applied version 3.3.8-1ubuntu8.1 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 9c1e0776830aea6b7466d1e1054aac3f71bfe685
Unapplied parent: 44b5b6f9f2f46783fbc76e1f325a5e5b4f6f5e85

New changelog entries:
  * SECURITY UPDATE: Fix various ICMP handling issues in Squid pinger.
    (LP: #1384943)
    - CVE-2014-7141
    - CVE-2014-7142

1100 of 208 results

Other repositories

You can't create new repositories for squid3 in Ubuntu.