Version in base suite: 2.5.9-10sarge2 Version in overlay suite: 2.5.9-10sarge5 Base version: squid_2.5.9-10sarge2 Target version: squid_2.5.9-10sarge5 Base file: /org/ftp.debian.org/ftp/pool/main/s/squid/squid_2.5.9-10sarge2.dsc Target file: /org/ftp.debian.org/ftp/pool/main/s/squid/squid_2.5.9-10sarge5.dsc
diff -u squid-2.5.9/debian/changelog squid-2.5.9/debian/changelog
--- squid-2.5.9/debian/changelog
+++ squid-2.5.9/debian/changelog
@@ -1,3 +1,21 @@
+squid (2.5.9-10sarge5) oldstable-security; urgency=low
+
+ * Doh, build for correct suite
+
+ -- Moritz Muehlenhoff Fri, 28 Mar 2008 12:50:13 +0000
+
+squid (2.5.9-10sarge4) stable-security; urgency=low
+
+ * Trigger recompile to bypass obscure wanna-build failure
+
+ -- Moritz Muehlenhoff Sat, 26 Jan 2008 23:09:43 +0000
+
+squid (2.5.9-10sarge3) stable-security; urgency=low
+
+ * Fix memory leak DoS (CVE-2007-6239).
+
+ -- Moritz Muehlenhoff Sun, 20 Jan 2008 22:36:14 +0000
+
 squid (2.5.9-10sarge2) stable-security; urgency=high
 
 * Upload to stable-security because of security issues
diff -u squid-2.5.9/debian/patches/00list squid-2.5.9/debian/patches/00list
--- squid-2.5.9/debian/patches/00list
+++ squid-2.5.9/debian/patches/00list
@@ -18,0 +19 @@
+47_CVE-2007-6239
only in patch2: unchanged:
--- squid-2.5.9.orig/debian/patches/47_CVE-2007-6239.dpatch
+++ squid-2.5.9/debian/patches/47_CVE-2007-6239.dpatch
@@ -0,0 +1,79 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## CVE-2007-6239
+
+@DPATCH@
+diff -urNad squid-2.5.9.orig/include/Array.h squid-2.5.9/include/Array.h
+--- squid-2.5.9.orig/include/Array.h 2005-06-09 00:51:46.000000000 -0700
++++ squid-2.5.9/include/Array.h 2008-01-07 16:42:51.000000000 -0800
+@@ -50,6 +50,8 @@
+ extern void arrayAppend(Array * s, void *obj);
+ extern void arrayInsert(Array * s, void *obj, int position);
+ extern void arrayPreAppend(Array * s, int app_count);
++extern void arrayShrink(Array *a, int new_count);
++
+ 
+ 
+ #endif /* SQUID_ARRAY_H */
+diff -urNad squid-2.5.9.orig/lib/Array.c squid-2.5.9/lib/Array.c
+--- squid-2.5.9.orig/lib/Array.c 2005-06-30 11:50:56.000000000 -0700
++++ squid-2.5.9/lib/Array.c 2008-01-07 16:42:51.000000000 -0800
+@@ -138,3 +138,11 @@
+ /* reset, just in case */
+ memset(a->items + a->count, 0, (a->capacity - a->count) * sizeof(void *));
+ }
++
++void
++arrayShrink(Array *a, int new_count)
++{
++ assert(new_count < a->capacity);
++ assert(new_count >= 0);
++ a->count = new_count;
++}
+diff -urNad squid-2.5.9.orig/src/HttpHeader.c squid-2.5.9/src/HttpHeader.c
+--- squid-2.5.9.orig/src/HttpHeader.c 2005-06-09 00:51:46.000000000 -0700
++++ squid-2.5.9/src/HttpHeader.c 2008-01-07 16:42:51.000000000 -0800
+@@ -370,12 +370,34 @@
+ }
+ }
+ 
++static void
++httpHeaderRepack(HttpHeader * hdr)
++{
++ HttpHeaderPos dp = HttpHeaderInitPos;
++ HttpHeaderPos pos = HttpHeaderInitPos;
++
++ /* XXX breaks layering for now! 
ie, getting grubby fingers in without httpHeaderEntryGet() */
++ dp = 0;
++ pos = 0;
++ while (dp < hdr->entries.count) {
++ for (; dp < hdr->entries.count && hdr->entries.items[dp] == NULL; dp++);
++ assert(dp < hdr->entries.count);
++ hdr->entries.items[pos] = hdr->entries.items[dp];
++ if (dp != pos)
++ hdr->entries.items[dp] = NULL;
++ pos++;
++ dp++;
++ }
++ arrayShrink(&hdr->entries, pos);
++}
++
+ /* use fresh entries to replace old ones */
+ void
+ httpHeaderUpdate(HttpHeader * old, const HttpHeader * fresh, const HttpHeaderMask * denied_mask)
+ {
+ const HttpHeaderEntry *e;
+ HttpHeaderPos pos = HttpHeaderInitPos;
++
+ assert(old && fresh);
+ assert(old != fresh);
+ debug(55, 7) ("updating hdr: %p <- %p\n", old, fresh);
+@@ -387,6 +409,9 @@
+ httpHeaderDelByName(old, strBuf(e->name));
+ httpHeaderAddEntry(old, httpHeaderEntryClone(e));
+ }
++
++ /* And now, repack the array to "fill in the holes" */
++ httpHeaderRepack(old);
+ }
+ 
+ /* just handy in parsing: resets and returns false */
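Review bot: The two assertions this patch adds are stricter than the states the array can legally be in, and since `httpHeaderUpdate()` now calls `httpHeaderRepack()` on every update, a failed assert would abort the process on a path fed by header data. In `arrayShrink()`, `assert(new_count < a->capacity);` fails whenever the packed count equals the capacity — an empty array whose capacity is still 0, or a completely full one (the `memset` context line in the same file appears to tolerate `count == capacity`, though the growth code is outside the hunk) — and should read `assert(new_count <= a->capacity);`. In `httpHeaderRepack()`, the inner `for` advances `dp` to `hdr->entries.count` when the array ends in NULL holes, after which `assert(dp < hdr->entries.count);` fires; `if (dp >= hdr->entries.count) break;` would let trailing holes simply be dropped. The `HttpHeaderInitPos` initialisers are overwritten immediately by `dp = 0; pos = 0;` and can be removed.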