Upstream: tbd
Debian: 5.2-1
Ubuntu: 5.2-1ubuntu1
Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle.
### Old Ubuntu Delta ###
squid (5.2-1ubuntu1) jammy; urgency=medium
* Merge with Debian unstable (LP: #1946903). Remaining changes:
- d/usr.sbin.squid: Add sections for squid-deb-proxy and
squidguard
- d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb
packaging
- Use snakeoil certificates:
+ d/control: add ssl-cert to dependencies
+ d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl
to the default config file
- d/rules, d/NEWS: drop the NIS basic auth helper (LP #1895694)
- Fix FTBFS with GCC 11 (LP #1939352)
+ d/p/expand-max-pkt-sz-accomodate-icmphdr.patch: Expand
MAX_PKT{4,6}_SZ to accomodate for icmp{,6_}hdr.
+ d/p/workaround-gcc11-wstringop-overread-bug.patch: Workaround
GCC 11 -Wstringop-overread bug.
* Dropped changes:
- d/p/0008-Fix-free-nonheap-object-warning-error-on-snmp_core.c.patch:
Fix call to free on nonheap-object in snmpCreateOidFromStr
[ Incorporated by upstream. ]
- Fix failure to build on RISC-V (LP #1934891)
[ Incorporated by upstream. ]
- SECURITY UPDATE: information disclosure via OOB read in WCCP protocol
+ debian/patches/CVE-2021-28116.patch: validate packets better in
src/wccp2.cc.
+ CVE-2021-28116
[ Incorporated by upstream. ]
- Fix FTBFS with GCC 11 (LP #1939352)
+ d/p/replace-cbdata-offset-hack-with-offsetof.patch: Replace
cbdata::Offset hack with offsetof().
+ d/p/add-missing-limits-include-connmark.patch: Add missing
<limits> include to src/acl/ConnMark.cc.
[ Incorporated by upstream. This is a partial drop; the other
two patches that compose this fix are still present in this
release. ]
-- Sergio Durigan Junior <email address hidden> Mon, 01 Nov 2021 18:19:59 -0400
Do a quick check if upstream is ready to move to the next major version, IIRC it has been in development for a while. If they are ready, check if it would be worth for ubuntu in our next lts.