From ${URL} : Upstream fixed a security issue in digest_authentication [1] that can allow disabled user or users with changed password to access the squid service with old credentials. Upstream patch for Squid 3.4: http://bazaar.launchpad.net/~squid/squid/3.4/revision/13211 Upstream patch for Squid 3.5: http://bazaar.launchpad.net/~squid/squid/3.5/revision/13735 [1]: http://bugs.squid-cache.org/show_bug.cgi?id=4066 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
+*squid-3.4.11-r1 (04 Feb 2015) +*squid-3.5.1-r1 (04 Feb 2015) + + 04 Feb 2015; Eray Aslan <eras@gentoo.org> +files/squid-13211_13210.patch, + +files/squid-13735_13734.patch, +squid-3.4.11-r1.ebuild, + +squid-3.5.1-r1.ebuild: + Security bump + Arches, please test and mark stable =net-proxy/squid-3.4.11-r1. Thank you.
Arch teams, please test and mark stable: =net-proxy/squid-3.4.11-r1 Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
Stable for HPPA.
amd64 stable
x86 stable
arm stable
sparc stable
ppc64 stable
ppc stable
ia64 stable
alpha stable. Maintainer(s), please cleanup. Security, please vote.
Thank, guys Cleanup was done by Eray Aslan GLSA vote: No
GLSA vote: no. Closing as [noglsa]