From 91cd7d9ece4da9c67b48ed02822339b292fda538baea1ca1bead9cd16ce426ab Mon Sep 17 00:00:00 2001 From: Martin Pluskal Date: Wed, 6 Oct 2021 08:28:26 +0000 Subject: [PATCH 1/2] Accepting request 923273 from home:adamm:branches:server:proxy - transition to squid 5.x. This is a major release and for changes and how to transition from 4.x, see the release notes, http://www.squid-cache.org/Versions/v5/RELEASENOTES.html - update to 5.2 * fixes issues with WCCP protocol that may lead to information disclosure (bsc#1189403, CVE-2021-28116) - drop unused BR: db-devel, ed, opensp-devel, pkgconfig(kdb) - new BR: pkgconfig(tdb) OBS-URL: https://build.opensuse.org/request/show/923273 OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=240 --- squid-4.16.tar.xz | 3 --- squid-4.16.tar.xz.asc | 25 ------------------------- squid-5.2.tar.xz | 3 +++ squid-5.2.tar.xz.asc | 25 +++++++++++++++++++++++++ squid.changes | 13 +++++++++++++ squid.spec | 17 +++++++++++------ 6 files changed, 52 insertions(+), 34 deletions(-) delete mode 100644 squid-4.16.tar.xz delete mode 100644 squid-4.16.tar.xz.asc create mode 100644 squid-5.2.tar.xz create mode 100644 squid-5.2.tar.xz.asc diff --git a/squid-4.16.tar.xz b/squid-4.16.tar.xz deleted file mode 100644 index ba6e569..0000000 --- a/squid-4.16.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7e00e891757c1c02dae546c9898f440c6031b684d8c243d6edab529076e3ba63 -size 2454396 diff --git a/squid-4.16.tar.xz.asc b/squid-4.16.tar.xz.asc deleted file mode 100644 index 55a6be4..0000000 --- a/squid-4.16.tar.xz.asc +++ /dev/null @@ -1,25 +0,0 @@ -File: squid-4.16.tar.xz -Date: Mon 05 Jul 2021 11:04:24 UTC -Size: 2454396 -MD5 : d200064f7050969680f628d26b8c704d -SHA1: 4ddc098b5f7c276d19134c7c3b247cdb51d1c88d -Key : CD6DBF8EF3B17D3E - B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E - keyring = http://www.squid-cache.org/pgp.asc - keyserver = pool.sks-keyservers.net ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAmDi5z8ACgkQzW2/jvOx -fT6UCA//bF0H/wNlW4JufmEaltjJU7Y8A2JCQpZO6nCAjGOzBRMgzM8Oc1apg0Ll -PvJewb7VKSdJSVDgP1lWJnRoc0wIFVL+bgOwM47/KeJZ+Wdc0pGt0I1eq4mfsusJ -unsO8O8ERgwDkc9fBONCvA5OgeWVl0ZOCO+iGaq4Q7vDdS4xWTWp7FtFit0p+Rra -+XprHLPi6bfBwEZaWivJ83bwA7BowLmOBZXlJV8qrZPbCAwq+pi4Pbo/IhTlSpAg -kTCTDmrsa1vCU2pwTY5QW1AF2B7b68vaadSTuWbC082FEWCdhIqmZwdx22Q8EkJH -rpE53yCjGNriFUW7Yb8lSHS4tNMV8ig6ZDUZyNa9D0p4hGXvQqUfUdYtbR7sLULa -BQmFq3+uWxav6Kz4qaKXGd0I12aa19/kPJbCate9vzt/d5AvEpnkL5BeStkLsDxz -2obdUEUT4tcunmtmjlf9uUuKlqXnCTkb8hzth0QMLIVot13jnqWdO1R66cQRXX0N -GK/wwDVwSrmCV69H5ZzAp+7+Xv6qPeJhXZ5ywA6hBRvCODOMg2qXmX7sV9PpCxMp -8ApkbPWpGDV7Azd1LZ9z3VsrUtF8oihsZ6kE6vQ/YPSeXrGQi9zuA9rWnKXPIgaf -2YkrcUgvsLjxO0haygKvehFu1jlLz0ZAROY9xLdwNouJMHbwGVY= -=3SVV ------END PGP SIGNATURE----- diff --git a/squid-5.2.tar.xz b/squid-5.2.tar.xz new file mode 100644 index 0000000..f6f713b --- /dev/null +++ b/squid-5.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ea921f055c6cc4b3c6542d995f5a7c5980f2f91adaaa10fe8260d0f1527aaf80 +size 2553872 diff --git a/squid-5.2.tar.xz.asc b/squid-5.2.tar.xz.asc new file mode 100644 index 0000000..a3776b8 --- /dev/null +++ b/squid-5.2.tar.xz.asc @@ -0,0 +1,25 @@ +File: squid-5.2.tar.xz +Date: Sun 03 Oct 2021 15:15:35 UTC +Size: 2553872 +MD5 : 102984f3ea382a1fa5bd917c2ee155ec +SHA1: 0568a55c8bf20fbcbfadf126347f3e790945e5d2 +Key : CD6DBF8EF3B17D3E + B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E + keyring = http://www.squid-cache.org/pgp.asc + keyserver = pool.sks-keyservers.net +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAmFZySIACgkQzW2/jvOx +fT6sUBAArqj2/hn+a1okSuUWef2x0AtEKXy18aaYTJxF20yq3nNO1jLZYUY9dgpo +I0R32a8liygQPtfb+FFzQjkoIfpgEsmskndS0/jlOicY7ljw4MfHCLCtmc1xzPIs +UErI4SFR1H3aIa4yAmbQEhjuCWqBOzLt/UBzOupF89hofT57CZhVNoYgO2IWFu3+ +j2eZmq6nZbBBHBJG3II+FiFuPhTpuiMxdQ1WN84a+XklhIatOWVW8ALX/hBT12KC +Z9SxixgZQFpCQ9uNfpoCsMVrhWS9tJnUmnOiziWIEKgVHnPOh/uQLxxZvvSUc8Ag +aUAM2DcDx3QWw1RLx/kJPfpCt2tHEHGfGpd7U5LcTEfDYIyjfwnVF9L1kGuHaT+k +RW96vq9NFikSKmyEKRZ3EUZNqXJE3dd6pYpOO3GjHRr2fBn1D+UpV90vswTWBrzX +7gO8aPnnD8/uD6h6pFSBNpAAKpEBS9watDRBlTIEsivaTeZxzob7dk9ZiK8cjsRQ +jhVTvwQw9r5ong50y1pg5APD3wwipNUjHVMD45XQNbxZAGsZMPnvA0vDFECKJ6iG +CVwpOc48Fkl6frY0ByddCES4lWzgkkfYtPQGkPYxhOGhaqiRXO8kjk0/Dbw4AJW1 +BoHM9DydPohXuNQZIA19v7lcYvQShCmp3xbUoQ45AwZno4DpAAA= +=PQ84 +-----END PGP SIGNATURE----- diff --git a/squid.changes b/squid.changes index c43f6f7..06b5de3 100644 --- a/squid.changes +++ b/squid.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Mon Oct 4 13:19:48 UTC 2021 - Adam Majer + +- transition to squid 5.x. This is a major release and for changes + and how to transition from 4.x, see the release notes, + http://www.squid-cache.org/Versions/v5/RELEASENOTES.html +- update to 5.2 + * fixes issues with WCCP protocol that may lead to information + disclosure (bsc#1189403, CVE-2021-28116) + +- drop unused BR: db-devel, ed, opensp-devel, pkgconfig(kdb) +- new BR: pkgconfig(tdb) + ------------------------------------------------------------------- Sun Aug 1 09:20:03 UTC 2021 - Dirk Müller diff --git a/squid.spec b/squid.spec index 8e82dbe..b5162d9 100644 --- a/squid.spec +++ b/squid.spec @@ -24,7 +24,7 @@ %define squidhelperdir %{_sbindir} %endif Name: squid -Version: 4.16 +Version: 5.2 Release: 0 Summary: Caching and forwarding HTTP web proxy License: GPL-2.0-or-later @@ -47,15 +47,12 @@ Source17: tmpfilesdir.squid.conf Patch1: missing_installs.patch Patch2: old_nettle_compat.patch BuildRequires: cppunit-devel -BuildRequires: db-devel -BuildRequires: ed BuildRequires: expat BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: libcap-devel BuildRequires: libtool BuildRequires: openldap2-devel -BuildRequires: opensp-devel BuildRequires: openssl-devel BuildRequires: pam-devel BuildRequires: pkgconfig @@ -63,18 +60,22 @@ BuildRequires: samba-winbind BuildRequires: sharutils BuildRequires: pkgconfig(expat) BuildRequires: pkgconfig(gssrpc) -BuildRequires: pkgconfig(kdb) BuildRequires: pkgconfig(krb5) BuildRequires: pkgconfig(libsasl2) BuildRequires: pkgconfig(libxml-2.0) BuildRequires: pkgconfig(nettle) +BuildRequires: pkgconfig(tdb) Requires(pre): permissions Recommends: logrotate Provides: http_proxy +%if 0%{suse_version} <= 1500 # due to package rename # Wed Aug 15 17:40:30 UTC 2012 +# remove this after SLE15 Provides: %{name}3 = %{version} Obsoletes: %{name}3 < %{version} +%endif + %{?systemd_ordering} %if 0%{?suse_version} >= 1500 BuildRequires: sysuser-shadow @@ -153,7 +154,11 @@ export LDFLAGS="-Wl,--as-needed -Wl,--no-undefined -Wl,-z,relro,-z,now -pie" --disable-arch-native \ --enable-security-cert-generators \ --enable-security-cert-validators -make -O SAMBAPREFIX=%{_prefix} %{?_smp_mflags} +#make -O SAMBAPREFIX=%{_prefix} %{?_smp_mflags} +mkdir src/icmp/tests +mkdir tools/squidclient/tests +mkdir tools/sysvinit/tests tools/tests +make %{?_smp_mflags} %if 0%{?suse_version} >= 1500 %sysusers_generate_pre %{SOURCE12} squid %endif From 7540de6b79a43b6dc293684d09e867064f04c46e88b8fe0a4227a845662c0f93 Mon Sep 17 00:00:00 2001 From: Adam Majer Date: Wed, 6 Oct 2021 17:10:48 +0000 Subject: [PATCH 2/2] Fix Source URLs OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=241 --- squid.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/squid.spec b/squid.spec index b5162d9..f41aba2 100644 --- a/squid.spec +++ b/squid.spec @@ -30,8 +30,8 @@ Summary: Caching and forwarding HTTP web proxy License: GPL-2.0-or-later Group: Productivity/Networking/Web/Proxy URL: http://www.squid-cache.org -Source0: http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz -Source1: http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz.asc +Source0: http://www.squid-cache.org/Versions/v5/squid-%{version}.tar.xz +Source1: http://www.squid-cache.org/Versions/v5/squid-%{version}.tar.xz.asc Source5: pam.squid Source6: unsquid.pl Source7: %{name}.logrotate