diff --git a/squid-4.0.22.tar.xz b/squid-4.0.22.tar.xz deleted file mode 100644 index dacbc70..0000000 --- a/squid-4.0.22.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:51b852f17c21569d53bcd098d2c55a4e0c745e9cac392cff26d92681e911a5a2 -size 2411692 diff --git a/squid-4.0.22.tar.xz.asc b/squid-4.0.22.tar.xz.asc deleted file mode 100644 index 0c19f49..0000000 --- a/squid-4.0.22.tar.xz.asc +++ /dev/null @@ -1,25 +0,0 @@ -File: squid-4.0.22.tar.xz -Date: Thu Dec 7 18:03:01 UTC 2017 -Size: 2411692 -MD5 : c09dab527ac8ea86833286597d2d633d -SHA1: b3e1cfe1cc1074506a46652946efe175eb69bf8a -Key : CD6DBF8EF3B17D3E - B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E - keyring = http://www.squid-cache.org/pgp.asc - keyserver = pool.sks-keyservers.net ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAlopgl8ACgkQzW2/jvOx -fT55dw/+JlwxV8qTWxITUZ/8IFB5TO6T2Rzy8g4hFulTDoPN8/z4RZz/FNeQT/44 -/csodC7kja1ZxVlzNz07gaIoPz8Ft4ITQRL3kUMJ3+azYSevXlaiTtAy2O3oo2PC -oGw8X5M8USZ578BwaEIsnG/FHJY8qogr6WfX2lPfT9fgnYzXl+hRLqc4oD/605pY -k+D3C6j4cuTjoo30qD867BY/0sf6AdFYnfsLtc/cT4K4B/VHB2pDDk+cDXyjLzT2 -8AZkvG8XHwLFlXO7lHssHGM7uqxM2Sj+w9QJNJrFEh2tfdRAS6eXn3aSy6WeRHty -vOWXFc9U9D+PWPcHV3vE3FpLOBBkfhJnCiSMnz4GabjkXqjpD/7P1MQsTM2sKS4M -g/CpNdfhUshgxeNCmY0tJFu6cl/LFi7qbLBPNXQk0NDKZciiijARh9fFSsvvUHTA -g63LOZw+AyldeO5NMEalDaDsWViKd99CDXX93Y5qWxxuM4WhbStzUBUOXVl9CZ6m -P0B/uC+1IR56NETveklSRth7JrrlG7GkbV8uTkHJzTEHw3t+jAGFi80zV+V/gaAH -mMaXuv74UYosp2Zjdr5Ee5QLlo61kAWjKro9pd2uOyCUyGjijCcuyKa6zaNs1klp -9ehX0hnN1nX9blp/5Qx/fYLcds8vSr9QIpG6GEx5gJ5PCryckys= -=omrg ------END PGP SIGNATURE----- diff --git a/squid-4.0.23.tar.xz b/squid-4.0.23.tar.xz new file mode 100644 index 0000000..80563de --- /dev/null +++ b/squid-4.0.23.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:18b71a601f60f49ca0cfc7d1d212dc935112d61008ab8a689fceab3ef4070f29 +size 2415132 diff --git a/squid-4.0.23.tar.xz.asc b/squid-4.0.23.tar.xz.asc new file mode 100644 index 0000000..23d3499 --- /dev/null +++ b/squid-4.0.23.tar.xz.asc @@ -0,0 +1,25 @@ +File: squid-4.0.23.tar.xz +Date: Fri Jan 19 13:39:51 UTC 2018 +Size: 2415132 +MD5 : 04eb448f1dc31b4b2d73fee6a91c240c +SHA1: 0bd4248b412e88087ba37686bc27b08480995a9d +Key : CD6DBF8EF3B17D3E + B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E + keyring = http://www.squid-cache.org/pgp.asc + keyserver = pool.sks-keyservers.net +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAlph9S8ACgkQzW2/jvOx +fT4Acg/+JmF+1Y+pwI/cFwFJNbgY3+9Lo2jWtV929Faip/h7MoRdm4eGUB6DW4ts +3xn0prfIlOHSzg+GO7wda+/AWUe2V2VY3UKfd7HrxJ9PIr9RCUYOTFucIvW+7Jpd +MqxHhohURQKKUfOHHPzenGPoZdnI+pyf6sK7xL11rnDNyPd7P8MqZc6QCa4WrfI9 +Z9fmTwuXH7r4kP4uPhqi1pEa5awM1UEJPPF+ovl5s8JcfsYPtN/c6FKAZf0wzz+s +SxuJIx/6JB4wIepOVMNEMObOzfhLqM96w3CAFGaDLi1w4dVfBqMknVEikArlbEKV +zvtkKevYsnkbmOYbFdsyqyr4+8VnzAor+RBauXc3H5DT5yUFryBLXzQxIc7EgBOn +b69pr3VhLctjtsHpdWRGFzxRh//EDNEYSHspoOqURivUTtR1U/qIV/pJ5P38hBfr +udXy7gFTrrny3nA3fGvK7Lr+yDW72V2z2oMqR0TKPKAJkrmDAyX11svdEBBNJjpt +yzQUWHoWvlzZ8YJlBbTh1gGjXT1SEhSVQBbYcgZJb7fy/WVJg2TS5uf965Xckvig +uFGdHnjkWeJHLFZUciHabxwdXroIj/rRymR+vRb/sqmuVroT4pMaS1sx96SUHfyD +OoGK/KeCHeP9xYywlAFb/mzd+bRkL9O2+sb0yjLtgSEMB9A5HQs= +=z1t9 +-----END PGP SIGNATURE----- diff --git a/squid.changes b/squid.changes index d274957..fe19052 100644 --- a/squid.changes +++ b/squid.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Mon Jan 22 12:48:24 UTC 2018 - adam.majer@suse.de + +- Update Squid to 4.0.23 + * fixes DoS caused by incorrect pointer handling when processing + ESI responses. This affects the default custom esi_parser + (libxml2 and expat esi_parsers are unaffected) + (bnc#1077003) + * fixes DoS caused by incorrect pointer handing whien processing + ESI responses or downloading intermediate CA certificates + (bnc#1077006) + * fixes "User names not sent to url_rewrite_program" + * fixes %