pool/squid
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
293 Commits 2 Branches 0 Tags 2 MiB
be00812e5d
Commit Graph

293 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Dominique Leuenberger
9f839c09d5 Accepting request 795800 from server:proxy 
OBS-URL: https://build.opensuse.org/request/show/795800
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=79
 2020-04-21 11:11:43 +00:00
Adam Majer
1a19c2cdda Accepting request 795761 from home:kukuk:branches:server:proxy 
- Make logrotate recommended, it's not strictly required and 
  doesn't make any sense in containers

OBS-URL: https://build.opensuse.org/request/show/795761
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=208
 2020-04-20 11:30:46 +00:00
Dominique Leuenberger
1a693817c3 Accepting request 792007 from server:proxy 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/792007
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=78
 2020-04-08 17:57:10 +00:00
Adam Majer
7c91a28b19 Add missing CVE number to upstream release 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=206
 2020-03-31 14:28:53 +00:00
Dominique Leuenberger
e641f7a8bc Accepting request 776229 from server:proxy 
OBS-URL: https://build.opensuse.org/request/show/776229
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=77
 2020-02-19 11:43:04 +00:00
Martin Pluskal
53be975248 Accepting request 776203 from home:kukuk:container 
- Use sysusers instead of shadow to create squid user and groups
- Don't hard require systemd

OBS-URL: https://build.opensuse.org/request/show/776203
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=204
 2020-02-19 08:58:35 +00:00
Dominique Leuenberger
9b1651858a Accepting request 770216 from server:proxy 
- Update to squid 4.10:
  * fixes a security issue allowing a remote client ability to cause
    use a buffer overflow when squid is acting as reverse-proxy.
    (CVE-2020-8449, CVE-2020-8450, bsc#1162687)
  * fixes a security issue allowing for information disclosure in
    FTP gateway (CVE-2019-12528, bsc#1162689)
  * fixes a security issue in ext_lm_group_acl when processing
    NTLM Authentication credentials. (CVE-2020-8517, bsc#1162691)
  * improve cache handling with chunked responses

OBS-URL: https://build.opensuse.org/request/show/770216
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=76
 2020-02-05 18:44:27 +00:00
Adam Majer
4575171bf0 - Update to squid 4.10: 
* fixes a security issue allowing a remote client ability to cause
    use a buffer overflow when squid is acting as reverse-proxy.
    (CVE-2020-8449, CVE-2020-8450, bsc#1162687)
  * fixes a security issue allowing for information disclosure in
    FTP gateway (CVE-2019-12528, bsc#1162689)
  * fixes a security issue in ext_lm_group_acl when processing
    NTLM Authentication credentials. (CVE-2020-8517, bsc#1162691)
  * improve cache handling with chunked responses

OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=202
 2020-02-05 10:09:46 +00:00
Dominique Leuenberger
5dc6931f93 Accepting request 746661 from server:proxy 
- Update to squid 4.9:
  * fixes multiple Cross-Site Scripting issues in cachemgr.cgi
    (CVE-2019-13345, bsc#1140738)
  * fixes heap overflow in URN processing
    (CVE-2019-12526, bsc#1156326)
  * fixes multiple issues in URI processing
    (CVE-2019-12523, CVE-2019-18676, bsc#1156329)
  * fixes Cross-Site Request Forgery in HTTP Request processing
    (CVE-2019-18677, bsc#1156328)
  * fixes HTTP Request Splitting in HTTP message processing
    (CVE-2019-18678, bsc#1156323)
  * fixes information disclosure in HTTP Digest Authentication
    (CVE-2019-18679, bsc#1156324)
  * lower cache_peer hostname - this showed up as DNS failures
    if peer name was configured with any upper case characters
  * TLS: Multiple SSL-Bump fixes
  * TLS: Fix expiration of self-signed generated certs to be 3 years
  * TLS: Fix on_unsupported_protocol tunnel action
  * Fix several rock cache_dir corruption issues
- fix_configuration_error.patch: upstreamed
- old_nettle_compat.patch: refreshed

OBS-URL: https://build.opensuse.org/request/show/746661
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=75
 2019-11-09 22:40:27 +00:00
Adam Majer
b862c898ec - Update to squid 4.9: 
* fixes multiple Cross-Site Scripting issues in cachemgr.cgi
    (CVE-2019-13345, bsc#1140738)
  * fixes heap overflow in URN processing
    (CVE-2019-12526, bsc#1156326)
  * fixes multiple issues in URI processing
    (CVE-2019-12523, CVE-2019-18676, bsc#1156329)
  * fixes Cross-Site Request Forgery in HTTP Request processing
    (CVE-2019-18677, bsc#1156328)
  * fixes HTTP Request Splitting in HTTP message processing
    (CVE-2019-18678, bsc#1156323)
  * fixes information disclosure in HTTP Digest Authentication
    (CVE-2019-18679, bsc#1156324)
  * lower cache_peer hostname - this showed up as DNS failures
    if peer name was configured with any upper case characters
  * TLS: Multiple SSL-Bump fixes
  * TLS: Fix expiration of self-signed generated certs to be 3 years
  * TLS: Fix on_unsupported_protocol tunnel action
  * Fix several rock cache_dir corruption issues
- fix_configuration_error.patch: upstreamed
- old_nettle_compat.patch: refreshed

OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=200
 2019-11-08 16:23:28 +00:00
Dominique Leuenberger
ad1d02283e Accepting request 721533 from server:proxy 
- fix_configuration_error.patch: Fix compilation with -Wreturn-type
- old_nettle_compat.patch: Update to actually use older version

OBS-URL: https://build.opensuse.org/request/show/721533
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=74
 2019-08-08 12:23:33 +00:00
Adam Majer
5bf83e3a20 Fix compilation with old nettle 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=198
 2019-08-07 08:32:10 +00:00
Adam Majer
cfbd7154aa OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=197 2019-08-06 13:31:27 +00:00
Adam Majer
51b5f199a0 - fix_configuration_error.patch: Fix compilation with -Wreturn-type 
- old_nettle_compat.patch: Update to actually use older version

OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=196
 2019-08-06 13:19:25 +00:00
Dominique Leuenberger
a7a57d9637 Accepting request 718583 from server:proxy 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/718583
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=73
 2019-07-26 10:42:20 +00:00
Adam Majer
e1d5654187 Fix patch for current patch 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=194
 2019-07-18 14:27:06 +00:00
Adam Majer
cccd13179c - - old_nettle_compat.patch: Fix compatibility with nettle in SLE-12 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=193
 2019-07-18 14:14:00 +00:00
Dominique Leuenberger
a8a96222c4 Accepting request 715745 from server:proxy 
- Update to squid 4.8:
  + Ignore ECONNABORTED in accept(2)
  + RFC 7230 forbids generation of userinfo subcomponent of https URL
  + cachemgr.cgi: unallocated memory access resulting in a potential
    denial of service. (bsc#1141442, CVE-2019-12854)
  + terminating c-strings beyond BASE64_DECODE_LENGTH
  + Replace uudecode with libnettle base64 decoder fixing a denial
    of service vulnerability (bsc#1141329, CVE-2019-12529)
  + fix to_localhost does not include ::
  + Fix GCC-9 build issues
  + Fix Digest auth parameter parsing preventing a potential
    denial of service (bsc#1141332, CVE-2019-12525)
  + Update HttpHeader::getAuth to SBuf which prevents a potential
    heap overflowing allowing a possible remote code execution
    attack when processing HTTP Authentication credentials
    (bsc#1141330, CVE-2019-12527)
  + Add the NO_TLSv1_3 option to available tls-options values
  + Fix handling of tiny invalid responses
  + Fix Memory leak when http_reply_access uses external_acl
  + Fix Multiple XSS issues in cachemgr.cgi
    (bsc#1140738, CVE-2019-13345)
- use unbundled version of libnettle
- disable LTO as a workaround to tests failing

OBS-URL: https://build.opensuse.org/request/show/715745
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=72
 2019-07-18 13:20:23 +00:00
Adam Majer
1b4a15b127 - use unbundled version of libnettle 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=191
 2019-07-16 15:33:12 +00:00
Adam Majer
fef008683e OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=190 2019-07-16 07:58:08 +00:00
Adam Majer
49783ccec7 - disable LTO to as a workaround to tests failing 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=189
 2019-07-16 07:57:43 +00:00
Adam Majer
1f7d2548ca - Update to squid 4.8: 
+ Ignore ECONNABORTED in accept(2)
  + RFC 7230 forbids generation of userinfo subcomponent of https URL
  + cachemgr.cgi: unallocated memory access resulting in a potential
    denial of service. (bsc#1141442, CVE-2019-12854)
  + terminating c-strings beyond BASE64_DECODE_LENGTH
  + Replace uudecode with libnettle base64 decoder fixing a denial
    of service vulnerability (bsc#1141329, CVE-2019-12529)
  + fix to_localhost does not include ::
  + Fix GCC-9 build issues
  + Fix Digest auth parameter parsing preventing a potential
    denial of service (bsc#1141332, CVE-2019-12525)
  + Update HttpHeader::getAuth to SBuf which prevents a potential
    heap overflowing allowing a possible remote code execution
    attack when processing HTTP Authentication credentials
    (bsc#1141330, CVE-2019-12527)
  + Add the NO_TLSv1_3 option to available tls-options values
  + Fix handling of tiny invalid responses
  + Fix Memory leak when http_reply_access uses external_acl
  + Fix Multiple XSS issues in cachemgr.cgi
    (bsc#1140738, CVE-2019-13345)

OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=188
 2019-07-15 15:22:32 +00:00
Dominique Leuenberger
0b6b75ecb3 Accepting request 702817 from server:proxy 
Adding few more bug numbers that were missing
from the squid 3.x changelog

OBS-URL: https://build.opensuse.org/request/show/702817
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=71
 2019-05-15 10:33:54 +00:00
Adam Majer
777c5c3d20 Few more missing bug numbers from 3.x line 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=186
 2019-05-14 11:29:55 +00:00
Dominique Leuenberger
a7bfb7108b Accepting request 701549 from server:proxy 
- Update to squid 4.7: (jsc#SLE-5648)
  + Fix stack-based buffer-overflow when parsing SNMP messages
  + Fixed squidclient authentication
  + Add support for buffer-size= to UDP logging
  + Trust intermediate CAs from trusted stores
  + Bug #4928: Cannot convert non-IPv4 to IPv4
  + Bug #4796: comm.cc !isOpen(conn->fd) assertion when rotating logs
  + Bug #4823: assertion failed: "lowestOffset () <= target_offset"
    (bsc#1133089)
  + Bug #4942: --with-filedescriptors does not do anything

- Syncronize bug and CVE references between 3.x and 4.x squid changelog
  versions. These bugs were fixed here either without properly referencing
  them during the fix or 4.x branch was never affected by them.
  (bsc#1090089, CVE-2018-1172, bsc#979008, CVE-2016-4556,
   bsc#938715, CVE-2015-5400, bsc#949942, CVE-2014-9749,
   bsc#1016169, CVE-2016-10003, bsc#1016168, CVE-2016-10002,
   bsc#979011, CVE-2016-4555, bsc#979010, CVE-2016-4554,
   bsc#979009, CVE-2016-4553, bsc#976556, CVE-2016-4054,
   bsc#976553, CVE-2016-4051, bsc#973783, CVE-2016-3948,
   bsc#973782, CVE-2016-3947, bsc#968395, CVE-2016-2572,
   bsc#968394, CVE-2016-2571, bsc#968393, CVE-2016-2570,
   bsc#968392, CVE-2016-2569, bsc#967011, CVE-2016-2390,
   bsc#959290, CVE-2016-4052, CVE-2016-4053)

  + Fix memory leak when parsing SNMP packet
    (bsc#1113669, CVE-2018-19132)
    before displaying them (bsc#1113668, CVE-2018-19131)

OBS-URL: https://build.opensuse.org/request/show/701549
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=70
 2019-05-08 13:17:46 +00:00
Adam Majer
f7bbf15a1d - Update to squid 4.7: (jsc#SLE-5648) 
+ Fix stack-based buffer-overflow when parsing SNMP messages
  + Fixed squidclient authentication
  + Add support for buffer-size= to UDP logging
  + Trust intermediate CAs from trusted stores
  + Bug #4928: Cannot convert non-IPv4 to IPv4
  + Bug #4796: comm.cc !isOpen(conn->fd) assertion when rotating logs
  + Bug #4823: assertion failed: "lowestOffset () <= target_offset"
    (bsc#1133089)
  + Bug #4942: --with-filedescriptors does not do anything

OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=184
 2019-05-08 10:45:58 +00:00
Adam Majer
d65c3be188 - Syncronize bug and CVE references between 3.x and 4.x squid changelog 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=183
 2019-02-26 16:24:46 +00:00
Stephan Kulow
4bc6b0168e Accepting request 678651 from server:proxy 
OBS-URL: https://build.opensuse.org/request/show/678651
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=69
 2019-02-25 16:57:01 +00:00
Martin Pluskal
41a28e8b22 Accepting request 678364 from home:seanlew:branches:server:proxy 
Update squid to 4.6

OBS-URL: https://build.opensuse.org/request/show/678364
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=181
 2019-02-25 07:58:31 +00:00
Yuchen Lin
142b1d34e9 Accepting request 677001 from server:proxy 
- Revert whitespace deletions of .changes as it makes diffs a pain.

- Do not hide errors from useradd. Make scriptlets
  plain sh compatible.

OBS-URL: https://build.opensuse.org/request/show/677001
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=68
 2019-02-19 11:00:50 +00:00
Adam Majer
0dc8c8b0d5 - Revert whitespace deletions of .changes as it makes diffs a pain. 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=179
 2019-02-18 10:04:44 +00:00
Martin Pluskal
8ed27ce66b Accepting request 676612 from home:jengelh:branches:server:proxy 
- Do not hide errors from useradd. Make scriptlets
  plain sh compatible.

OBS-URL: https://build.opensuse.org/request/show/676612
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=178
 2019-02-18 07:45:40 +00:00
Dominique Leuenberger
5f3fd69e41 Accepting request 662383 from server:proxy 
- Update to squid 4.5: 
  + Squid crashes when ICAPS and a sslcrtvalidator used together (#328)
  + ssl_bump prevents from accessing some web contents (#304) 
  + Docs: improved lexgrog compatibility (#340)
  + Redesign forward_max_tries count TCP connection attempts
  + Fix client_connection_mark ACL handling of clientless transactions
  + Fix netdb exchange with a TLS cache peer
  + Update netdb when tunneling requests
  + Use pkg-config for detecting libxml2
  + Misc doc updates
  + Misc code compile fixes

OBS-URL: https://build.opensuse.org/request/show/662383
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=67
 2019-01-03 17:08:06 +00:00
Martin Pluskal
b292dfd12d OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=176 2019-01-02 08:44:24 +00:00
Martin Pluskal
f3e0551c1d Accepting request 662363 from home:seanlew:branches:server:proxy 
Updat squid

OBS-URL: https://build.opensuse.org/request/show/662363
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=175
 2019-01-02 08:30:55 +00:00
Dominique Leuenberger
2386973e81 Accepting request 653729 from server:proxy 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/653729
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=66
 2018-12-04 19:57:39 +00:00
Adam Majer
a2705b2937 - Fix permissions of installed file to tmpfilesdir 
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=173
 2018-11-09 13:15:01 +00:00
Dominique Leuenberger
8da3d2bbef Accepting request 645296 from server:proxy 
OBS-URL: https://build.opensuse.org/request/show/645296
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=65
 2018-10-31 12:14:28 +00:00
Adam Majer
172a09005a Accepting request 645255 from home:adamm:branches:server:proxy 
- New upstream stable version 4.4:
  + Fix memory leak when parsing SNMP packet (bsc#1113669)
  + Fixed display of error page by quoting certificate fields
    before displaying them (bsc#1113668)
  + Malformed %>ru URIs for CONNECT requests

OBS-URL: https://build.opensuse.org/request/show/645255
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=171
 2018-10-29 14:48:28 +00:00
Dominique Leuenberger
c2bb72d901 Accepting request 643975 from server:proxy 
OBS-URL: https://build.opensuse.org/request/show/643975
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=64
 2018-10-23 18:42:13 +00:00
Martin Pluskal
b13fb97e7d Accepting request 643973 from home:adamm:branches:server:proxy 
- Create runtime directories needed when SMP mode is enabled.
  (bsc#1112695, bsc#1112066)
- Make changelog entries format consistent

OBS-URL: https://build.opensuse.org/request/show/643973
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=169
 2018-10-23 13:55:38 +00:00
Dominique Leuenberger
9e74ac36eb Accepting request 639903 from server:proxy 
OBS-URL: https://build.opensuse.org/request/show/639903
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=63
 2018-10-04 17:02:24 +00:00
Martin Pluskal
5f431c6df6 Accepting request 639902 from home:pluskalm:branches:server:proxy 
- Enable tests

OBS-URL: https://build.opensuse.org/request/show/639902
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=167
 2018-10-04 08:40:01 +00:00
Martin Pluskal
71b88f256b - Correct changelog 
* Bug 4885: Excessive memory usage when running out of descriptors
	* Bug 4877: Add missing text about external_acl_type %DATA changes
	* Bug 4875 pt1: GCC-8 compile errors with -O3 optimization
	* Bug 4716: Blank lines in cachemgr.conf are not skipped
	* Bug 4691: balance_on_multiple_ip config option docs
	* basic_pop3_auth: fix startup errors
	* langpack: Add missing dialect aliases
	* Fix range_offset_limit debugging
	* Fix icc build errors
	* Update systemd dependencies in squid.service

OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=166
 2018-10-04 07:37:10 +00:00
Ondřej Súkup
c2c03bd33a Accepting request 639660 from home:seanlew:branches:server:proxy 
Updated squid to 4.3

OBS-URL: https://build.opensuse.org/request/show/639660
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=165
 2018-10-03 08:12:03 +00:00
Dominique Leuenberger
bf6256c979 Accepting request 628977 from server:proxy 
OBS-URL: https://build.opensuse.org/request/show/628977
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=62
 2018-08-15 08:36:34 +00:00
Martin Pluskal
c8ee9aaee4 Accepting request 628925 from home:adamm:branches:server:proxy 
- New upstream stable version 4.2:
  + fix HTTPMSGLOCK missing pointer safety
  + gcc-8 fixes
  + fix milliseconds logformats prepend 0s instead of spaces
  + fix %>ru logging of huge URLs

OBS-URL: https://build.opensuse.org/request/show/628925
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=163
 2018-08-13 12:44:10 +00:00
Dominique Leuenberger
c3b1f14fe8 Accepting request 621672 from server:proxy 
OBS-URL: https://build.opensuse.org/request/show/621672
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=61
 2018-07-09 11:30:52 +00:00
Martin Pluskal
4552ea2332 Accepting request 621175 from home:adamm:branches:server:proxy 
- New upstream stable version 4.1:
  + Fix --with-netfilter-conntrack error message
  + Supply ALE for force_request_body_continuation ACL

OBS-URL: https://build.opensuse.org/request/show/621175
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=161
 2018-07-09 07:44:50 +00:00
Yuchen Lin
5f7a4469f4 Accepting request 617654 from server:proxy 
OBS-URL: https://build.opensuse.org/request/show/617654
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=60
 2018-06-20 13:31:31 +00:00