- Update to squid 4.11:
* Fix incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (CVE-2019-12519, CVE-2019-12521, bsc#1169659) * Fixes possible information disclosure when translating FTP server listings into HTTP responses. (CVE-2019-12528, bsc#1162689) * Fixes possible denial of service caused by incorrect buffer management ext_lm_group_acl when processing NTLM Authentication credentials. (CVE-2020-8517, bsc#1162691) * Fixes a potential remote execution vulnerability when using HTTP Digest Authentication (CVE-2020-11945, bsc#1170313) * Fixes problem when reconfigure killed Coordinator in SMP+ufs configurations (#556) OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=210
This commit is contained in:
parent
1a19c2cdda
commit
8b38ddcc65
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:98f0100afd8a42ea5f6b81eb98b0e4b36d7a54beab1c73d2f1705ab49b025f1f
|
||||
size 2445848
|
@ -1,25 +0,0 @@
|
||||
File: squid-4.10.tar.xz
|
||||
Date: Mon Jan 20 04:10:45 UTC 2020
|
||||
Size: 2445848
|
||||
MD5 : af7ac6e70f9bd03ae4fcec0c9b99c38a
|
||||
SHA1: b8b267771550bb8c7f2b2968b305118090e7217a
|
||||
Key : CD6DBF8EF3B17D3E <squid3@treenet.co.nz>
|
||||
B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E
|
||||
keyring = http://www.squid-cache.org/pgp.asc
|
||||
keyserver = pool.sks-keyservers.net
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAl4lKFMACgkQzW2/jvOx
|
||||
fT4aUBAAhR5YcsaTdBaFMOTNM0WUp3USNxjhrQtq+rwkQLqwh3hl2idKZY6fmqAJ
|
||||
cv/m9915T7Nd2H7ROl3vxs0ToP1R5EsEbyvcz/tKPoBrXFDDH9JsgkvbF0A4oxW1
|
||||
S8PtRlwXPbllHp/yaEZk9NL0PZCrUeW79s4M2hXSPOsC0/RogUUMN/Saa8VX3ZVe
|
||||
ZuSZoy+Ew3ZeQ3Y/mqblTN6xRn9zLq+GfqXOjTQQBfAiGprjsPQE4rOame6P9meh
|
||||
aGOGDABx7YoRsSskiAZY8cfIsunZdHoORi1WXvcu3hAB0zCZjrO0vptSig7sVCFD
|
||||
pdjLCrxopj/jIpAcVLPhl7AHjirAeTxDraQhgie+PT3M+tVm950HJZRt/idzCiNX
|
||||
XJj4Tw2gZ+tCKPLUoPvILID8grQQ+HKUA1a8ASeUxUD+sOcwdolUhbzlIl9lMDwY
|
||||
hxle9J1QH/04MAhMEnfGZH+ekR5PV+XG4iLWQnPcMSKymtDxiYpgJ9GTDBww0phk
|
||||
P1Tg33kSkHLAecEvcFlkZwrsw57qULFQKo2ZUE7Udm9xwBruwPunc+1XJ/PCs6mc
|
||||
3RfT5b1rf/fgWhvuwm5vuBkbL1H74gX8u84G984st5zj33t9aagByUXIkxjsLQww
|
||||
pFHXYm1PbphFsRIAcAGfkEluSz1X9yOwXyy12uuE7Bc/Ox7zIXk=
|
||||
=vpEO
|
||||
-----END PGP SIGNATURE-----
|
3
squid-4.11.tar.xz
Normal file
3
squid-4.11.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:4ed947612410263f57ad0e39bfd087e60fb714f028d7d3b0e469943efd34287d
|
||||
size 2447700
|
25
squid-4.11.tar.xz.asc
Normal file
25
squid-4.11.tar.xz.asc
Normal file
@ -0,0 +1,25 @@
|
||||
File: squid-4.11.tar.xz
|
||||
Date: Sun Apr 19 12:56:37 UTC 2020
|
||||
Size: 2447700
|
||||
MD5 : 10f34e852153a9996aa4614670e2bda1
|
||||
SHA1: 053277bf5497163ffc9261b9807abda5959bb6fc
|
||||
Key : CD6DBF8EF3B17D3E <squid3@treenet.co.nz>
|
||||
B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E
|
||||
keyring = http://www.squid-cache.org/pgp.asc
|
||||
keyserver = pool.sks-keyservers.net
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAl6cSpEACgkQzW2/jvOx
|
||||
fT6YbA/6A+IbIbNBJUW45oj23Io9Tw/CzAcTeLHR+McKwV77qMbR+L+kQ+fUdM5F
|
||||
rHAmd8bVVlyHc4WanVfWItEmzBzHA/ifTNvVpefSGGEbDb80RF66k7ACiZUokg1b
|
||||
kkPwc/SjDhe2wvketIaBiVVd7pylrlCdVvazcF8gE9MWDOIlJND5mnHXidXvwkbJ
|
||||
T2//8JZVEmcmN9pdFGNAUVckFm+AnwWXcRM1SQPYDGSVUtjVlqido8snLTA1mZwl
|
||||
rIpjppujMV54OOWlj+Gqa3MZkpNzIaMCAfphzUFlsQY+/sRUYAOv1wmxw2WclxlK
|
||||
WlWM+fw8OsYNDMwkOScKZZWceoAkq6UsUHzCAdJIdLqV/R6mZ9nfuZ6BHIr0+2dP
|
||||
bDf9MU4KXbwEuXiRD/KPziUxxOZwSPivbm3wy9DqTTZfO9V+Iq6FVHX+ahxJ0XbM
|
||||
JWRYA3GW+DRLjorfsWxU5r4UJsrnBfhItPUAfGPjPjEGZ/pn8r9G6MGenNGPLMKy
|
||||
wP1rMlOhrZPwerzokzAvKx8G0WWkfN+IPv2JK3rDot6RiJIOuvnZZd4RIuVNTGbh
|
||||
liO7M24JlWX3WD2wHBzxQag46+plb3VvrrVChwIQnZ2Qzpf50w0Bife/wtNBGpK0
|
||||
k/Xi/nocO796YS8GZBnmhS1lEGEwp/YpJBFWmIjTWMUMEOcswVA=
|
||||
=PKl0
|
||||
-----END PGP SIGNATURE-----
|
@ -1,3 +1,22 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Apr 23 13:02:37 UTC 2020 - Adam Majer <adam.majer@suse.de>
|
||||
|
||||
- Update to squid 4.11:
|
||||
* Fix incorrect buffer handling that can result in cache
|
||||
poisoning, remote execution, and denial of service attacks when
|
||||
processing ESI responses
|
||||
(CVE-2019-12519, CVE-2019-12521, bsc#1169659)
|
||||
* Fixes possible information disclosure when translating
|
||||
FTP server listings into HTTP responses.
|
||||
(CVE-2019-12528, bsc#1162689)
|
||||
* Fixes possible denial of service caused by incorrect buffer
|
||||
management ext_lm_group_acl when processing NTLM Authentication
|
||||
credentials. (CVE-2020-8517, bsc#1162691)
|
||||
* Fixes a potential remote execution vulnerability when using
|
||||
HTTP Digest Authentication (CVE-2020-11945, bsc#1170313)
|
||||
* Fixes problem when reconfigure killed Coordinator in
|
||||
SMP+ufs configurations (#556)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 20 10:24:46 UTC 2020 - Thorsten Kukuk <kukuk@suse.com>
|
||||
|
||||
|
@ -19,7 +19,7 @@
|
||||
%define squidlibdir %{_libdir}/squid
|
||||
%define squidconfdir %{_sysconfdir}/squid
|
||||
Name: squid
|
||||
Version: 4.10
|
||||
Version: 4.11
|
||||
Release: 0
|
||||
Summary: Caching and forwarding HTTP web proxy
|
||||
License: GPL-2.0-or-later
|
||||
|
Loading…
Reference in New Issue
Block a user