Accepting request 568548 from home:adamm:branches:server:proxy

- Update Squid to 4.0.23
  * fixes DoS caused by incorrect pointer handling when processing
  ESI responses. This affects the default custom esi_parser
  (libxml2 and expat esi_parsers are unaffected)
  (bnc#1077003)
  * fixes DoS caused by incorrect pointer handing whien processing
  ESI responses or downloading intermediate CA certificates
  (bnc#1077006)
  * fixes "User names not sent to url_rewrite_program"
  * fixes %<Hs, %<pt, %<tt, %<bs calculation bugs for error responses

OBS-URL: https://build.opensuse.org/request/show/568548
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=145
This commit is contained in:
Adam Majer 2018-01-24 07:50:38 +00:00 committed by Git OBS Bridge
parent ecb9797e2d
commit f585458732
6 changed files with 44 additions and 30 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:51b852f17c21569d53bcd098d2c55a4e0c745e9cac392cff26d92681e911a5a2
size 2411692

View File

@ -1,25 +0,0 @@
File: squid-4.0.22.tar.xz
Date: Thu Dec 7 18:03:01 UTC 2017
Size: 2411692
MD5 : c09dab527ac8ea86833286597d2d633d
SHA1: b3e1cfe1cc1074506a46652946efe175eb69bf8a
Key : CD6DBF8EF3B17D3E <squid3@treenet.co.nz>
B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E
keyring = http://www.squid-cache.org/pgp.asc
keyserver = pool.sks-keyservers.net
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAlopgl8ACgkQzW2/jvOx
fT55dw/+JlwxV8qTWxITUZ/8IFB5TO6T2Rzy8g4hFulTDoPN8/z4RZz/FNeQT/44
/csodC7kja1ZxVlzNz07gaIoPz8Ft4ITQRL3kUMJ3+azYSevXlaiTtAy2O3oo2PC
oGw8X5M8USZ578BwaEIsnG/FHJY8qogr6WfX2lPfT9fgnYzXl+hRLqc4oD/605pY
k+D3C6j4cuTjoo30qD867BY/0sf6AdFYnfsLtc/cT4K4B/VHB2pDDk+cDXyjLzT2
8AZkvG8XHwLFlXO7lHssHGM7uqxM2Sj+w9QJNJrFEh2tfdRAS6eXn3aSy6WeRHty
vOWXFc9U9D+PWPcHV3vE3FpLOBBkfhJnCiSMnz4GabjkXqjpD/7P1MQsTM2sKS4M
g/CpNdfhUshgxeNCmY0tJFu6cl/LFi7qbLBPNXQk0NDKZciiijARh9fFSsvvUHTA
g63LOZw+AyldeO5NMEalDaDsWViKd99CDXX93Y5qWxxuM4WhbStzUBUOXVl9CZ6m
P0B/uC+1IR56NETveklSRth7JrrlG7GkbV8uTkHJzTEHw3t+jAGFi80zV+V/gaAH
mMaXuv74UYosp2Zjdr5Ee5QLlo61kAWjKro9pd2uOyCUyGjijCcuyKa6zaNs1klp
9ehX0hnN1nX9blp/5Qx/fYLcds8vSr9QIpG6GEx5gJ5PCryckys=
=omrg
-----END PGP SIGNATURE-----

3
squid-4.0.23.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:18b71a601f60f49ca0cfc7d1d212dc935112d61008ab8a689fceab3ef4070f29
size 2415132

25
squid-4.0.23.tar.xz.asc Normal file
View File

@ -0,0 +1,25 @@
File: squid-4.0.23.tar.xz
Date: Fri Jan 19 13:39:51 UTC 2018
Size: 2415132
MD5 : 04eb448f1dc31b4b2d73fee6a91c240c
SHA1: 0bd4248b412e88087ba37686bc27b08480995a9d
Key : CD6DBF8EF3B17D3E <squid3@treenet.co.nz>
B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E
keyring = http://www.squid-cache.org/pgp.asc
keyserver = pool.sks-keyservers.net
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAlph9S8ACgkQzW2/jvOx
fT4Acg/+JmF+1Y+pwI/cFwFJNbgY3+9Lo2jWtV929Faip/h7MoRdm4eGUB6DW4ts
3xn0prfIlOHSzg+GO7wda+/AWUe2V2VY3UKfd7HrxJ9PIr9RCUYOTFucIvW+7Jpd
MqxHhohURQKKUfOHHPzenGPoZdnI+pyf6sK7xL11rnDNyPd7P8MqZc6QCa4WrfI9
Z9fmTwuXH7r4kP4uPhqi1pEa5awM1UEJPPF+ovl5s8JcfsYPtN/c6FKAZf0wzz+s
SxuJIx/6JB4wIepOVMNEMObOzfhLqM96w3CAFGaDLi1w4dVfBqMknVEikArlbEKV
zvtkKevYsnkbmOYbFdsyqyr4+8VnzAor+RBauXc3H5DT5yUFryBLXzQxIc7EgBOn
b69pr3VhLctjtsHpdWRGFzxRh//EDNEYSHspoOqURivUTtR1U/qIV/pJ5P38hBfr
udXy7gFTrrny3nA3fGvK7Lr+yDW72V2z2oMqR0TKPKAJkrmDAyX11svdEBBNJjpt
yzQUWHoWvlzZ8YJlBbTh1gGjXT1SEhSVQBbYcgZJb7fy/WVJg2TS5uf965Xckvig
uFGdHnjkWeJHLFZUciHabxwdXroIj/rRymR+vRb/sqmuVroT4pMaS1sx96SUHfyD
OoGK/KeCHeP9xYywlAFb/mzd+bRkL9O2+sb0yjLtgSEMB9A5HQs=
=z1t9
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,17 @@
-------------------------------------------------------------------
Mon Jan 22 12:48:24 UTC 2018 - adam.majer@suse.de
- Update Squid to 4.0.23
* fixes DoS caused by incorrect pointer handling when processing
ESI responses. This affects the default custom esi_parser
(libxml2 and expat esi_parsers are unaffected)
(bnc#1077003)
* fixes DoS caused by incorrect pointer handing whien processing
ESI responses or downloading intermediate CA certificates
(bnc#1077006)
* fixes "User names not sent to url_rewrite_program"
* fixes %<Hs, %<pt, %<tt, %<bs calculation bugs for error responses
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Jan 9 17:06:14 UTC 2018 - mpluskal@suse.com Tue Jan 9 17:06:14 UTC 2018 - mpluskal@suse.com

View File

@ -23,12 +23,12 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates %define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif %endif
Name: squid Name: squid
Version: 4.0.22 Version: 4.0.23
Release: 0 Release: 0
Summary: Caching and forwarding HTTP web proxy Summary: Caching and forwarding HTTP web proxy
License: GPL-2.0+ License: GPL-2.0+
Group: Productivity/Networking/Web/Proxy Group: Productivity/Networking/Web/Proxy
URL: http://www.squid-cache.org Url: http://www.squid-cache.org
Source0: http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz Source0: http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz
Source1: http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz.asc Source1: http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz.asc
Source4: squid.sysconfig Source4: squid.sysconfig