diff --git a/fix_configuration_error.patch b/fix_configuration_error.patch deleted file mode 100644 index 61b3409..0000000 --- a/fix_configuration_error.patch +++ /dev/null @@ -1,32 +0,0 @@ -Fix warnings that result in build failures with -Wreturn-type errors - -error: no return statement in function returning non-void -warning: 'conv' defined but not used - - 202 | static struct pam_conv conv = { &password_conversation, 0 }; - | ^~~~ -cc1plus: some warnings being treated as errors - - -Index: squid-4.8/acinclude/pam.m4 -=================================================================== ---- squid-4.8.orig/acinclude/pam.m4 -+++ squid-4.8/acinclude/pam.m4 -@@ -21,7 +21,7 @@ AC_DEFUN([CHECK_STRUCT_PAM_CONV], [ - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ - #include - static int --password_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) {} -+password_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { return 0; } - static struct pam_conv conv = { &password_conversation, 0 }; - ]])], [ - squid_cv_pam_conv_signature=linux -@@ -29,7 +29,7 @@ static struct pam_conv conv = { &passwor - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ - #include - static int --password_conversation(int num_msg, struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) {} -+password_conversation(int num_msg, struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { return 0; } - static struct pam_conv conv = { &password_conversation, 0 }; - ]])], [ - squid_cv_pam_conv_signature=solaris diff --git a/old_nettle_compat.patch b/old_nettle_compat.patch index 83300b9..2f8433f 100644 --- a/old_nettle_compat.patch +++ b/old_nettle_compat.patch @@ -15,11 +15,11 @@ Date: Fri Feb 7 09:11:20 2014 +0100 Base64 and base16 decoding: Use *dst_length as output only. -Index: squid-4.8/src/HttpHeader.cc +Index: squid-4.9/src/HttpHeader.cc =================================================================== ---- squid-4.8.orig/src/HttpHeader.cc -+++ squid-4.8/src/HttpHeader.cc -@@ -1301,8 +1301,8 @@ HttpHeader::getAuthToken(Http::HdrType i +--- squid-4.9.orig/src/HttpHeader.cc ++++ squid-4.9/src/HttpHeader.cc +@@ -1298,8 +1298,8 @@ HttpHeader::getAuthToken(Http::HdrType i char *decodedAuthToken = result.rawAppendStart(BASE64_DECODE_LENGTH(fieldLen)); struct base64_decode_ctx ctx; base64_decode_init(&ctx); @@ -30,10 +30,10 @@ Index: squid-4.8/src/HttpHeader.cc !base64_decode_final(&ctx)) { return nil; } -Index: squid-4.8/src/auth/basic/Config.cc +Index: squid-4.9/src/auth/basic/Config.cc =================================================================== ---- squid-4.8.orig/src/auth/basic/Config.cc -+++ squid-4.8/src/auth/basic/Config.cc +--- squid-4.9.orig/src/auth/basic/Config.cc ++++ squid-4.9/src/auth/basic/Config.cc @@ -176,8 +176,8 @@ Auth::Basic::Config::decodeCleartext(con struct base64_decode_ctx ctx; base64_decode_init(&ctx); @@ -45,10 +45,10 @@ Index: squid-4.8/src/auth/basic/Config.cc cleartext[dstLen] = '\0'; /* -Index: squid-4.8/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc +Index: squid-4.9/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc =================================================================== ---- squid-4.8.orig/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc -+++ squid-4.8/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc +--- squid-4.9.orig/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc ++++ squid-4.9/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc @@ -131,6 +131,7 @@ token_decode(size_t *decodedLen, uint8_t { struct base64_decode_ctx ctx; @@ -57,10 +57,10 @@ Index: squid-4.8/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc if (!base64_decode_update(&ctx, decodedLen, decoded, strlen(buf), reinterpret_cast(buf)) || !base64_decode_final(&ctx)) { SEND("BH base64 decode failed"); -Index: squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc +Index: squid-4.9/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc =================================================================== ---- squid-4.8.orig/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc -+++ squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc +--- squid-4.9.orig/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc ++++ squid-4.9/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc @@ -681,8 +681,8 @@ main(int argc, char *const argv[]) struct base64_decode_ctx ctx; @@ -83,10 +83,10 @@ Index: squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc token[blen] = '\0'; if (check_gss_err(major_status, minor_status, "gss_accept_sec_context()", log, 1)) -Index: squid-4.8/src/auth/negotiate/wrapper/negotiate_wrapper.cc +Index: squid-4.9/src/auth/negotiate/wrapper/negotiate_wrapper.cc =================================================================== ---- squid-4.8.orig/src/auth/negotiate/wrapper/negotiate_wrapper.cc -+++ squid-4.8/src/auth/negotiate/wrapper/negotiate_wrapper.cc +--- squid-4.9.orig/src/auth/negotiate/wrapper/negotiate_wrapper.cc ++++ squid-4.9/src/auth/negotiate/wrapper/negotiate_wrapper.cc @@ -192,8 +192,8 @@ processingLoop(FILE *FDKIN, FILE *FDKOUT struct base64_decode_ctx ctx; @@ -98,10 +98,10 @@ Index: squid-4.8/src/auth/negotiate/wrapper/negotiate_wrapper.cc !base64_decode_final(&ctx)) { if (debug_enabled) fprintf(stderr, "%s| %s: Invalid base64 token [%s]\n", LogTime(), PROGRAM, buf+3); -Index: squid-4.8/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc +Index: squid-4.9/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc =================================================================== ---- squid-4.8.orig/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc -+++ squid-4.8/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc +--- squid-4.9.orig/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc ++++ squid-4.9/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc @@ -203,8 +203,8 @@ make_challenge(char *domain, char *domai struct base64_encode_ctx ctx; @@ -125,10 +125,10 @@ Index: squid-4.8/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc !base64_decode_final(&ctx)) { SEND("NA Packet format error, couldn't base64-decode"); return; -Index: squid-4.8/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc +Index: squid-4.9/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc =================================================================== ---- squid-4.8.orig/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc -+++ squid-4.8/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc +--- squid-4.9.orig/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc ++++ squid-4.9/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc @@ -418,6 +418,7 @@ token_decode(size_t *decodedLen, uint8_t { struct base64_decode_ctx ctx; @@ -137,10 +137,10 @@ Index: squid-4.8/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc if (!base64_decode_update(&ctx, decodedLen, decoded, strlen(buf), reinterpret_cast(buf)) || !base64_decode_final(&ctx)) { SEND_BH("message=\"base64 decode failed\""); -Index: squid-4.8/src/auth/ntlm/fake/ntlm_fake_auth.cc +Index: squid-4.9/src/auth/ntlm/fake/ntlm_fake_auth.cc =================================================================== ---- squid-4.8.orig/src/auth/ntlm/fake/ntlm_fake_auth.cc -+++ squid-4.8/src/auth/ntlm/fake/ntlm_fake_auth.cc +--- squid-4.9.orig/src/auth/ntlm/fake/ntlm_fake_auth.cc ++++ squid-4.9/src/auth/ntlm/fake/ntlm_fake_auth.cc @@ -153,9 +153,9 @@ main(int argc, char *argv[]) ntlmhdr *packet; struct base64_decode_ctx ctx; @@ -164,11 +164,11 @@ Index: squid-4.8/src/auth/ntlm/fake/ntlm_fake_auth.cc if (NTLM_packet_debug_enabled) { printf("TT %.*s\n", (int)blen, data); debug("sending 'TT' to squid with data:\n"); -Index: squid-4.8/tools/cachemgr.cc +Index: squid-4.9/tools/cachemgr.cc =================================================================== ---- squid-4.8.orig/tools/cachemgr.cc -+++ squid-4.8/tools/cachemgr.cc -@@ -1082,8 +1082,8 @@ make_pub_auth(cachemgr_request * req) +--- squid-4.9.orig/tools/cachemgr.cc ++++ squid-4.9/tools/cachemgr.cc +@@ -1104,8 +1104,8 @@ make_pub_auth(cachemgr_request * req) req->pub_auth = (char *) xmalloc(encodedLen); struct base64_encode_ctx ctx; base64_encode_init(&ctx); @@ -179,7 +179,7 @@ Index: squid-4.8/tools/cachemgr.cc req->pub_auth[blen] = '\0'; debug("cmgr: encoded: '%s'\n", req->pub_auth); } -@@ -1103,8 +1103,8 @@ decode_pub_auth(cachemgr_request * req) +@@ -1125,8 +1125,8 @@ decode_pub_auth(cachemgr_request * req) char *buf = static_cast(xmalloc(BASE64_DECODE_LENGTH(strlen(req->pub_auth))+1)); struct base64_decode_ctx ctx; base64_decode_init(&ctx); @@ -190,7 +190,7 @@ Index: squid-4.8/tools/cachemgr.cc !base64_decode_final(&ctx)) { debug("cmgr: base64 decode failure. Incomplete auth token string.\n"); xfree(buf); -@@ -1197,8 +1197,8 @@ make_auth_header(const cachemgr_request +@@ -1219,8 +1219,8 @@ make_auth_header(const cachemgr_request char *str64 = static_cast(xmalloc(encodedLen)); struct base64_encode_ctx ctx; base64_encode_init(&ctx); @@ -201,16 +201,16 @@ Index: squid-4.8/tools/cachemgr.cc str64[blen] = '\0'; stringLength += snprintf(buf, sizeof(buf), "Authorization: Basic %.*s\r\n", (int)blen, str64); -Index: squid-4.8/include/base64.h +Index: squid-4.9/include/base64.h =================================================================== ---- squid-4.8.orig/include/base64.h -+++ squid-4.8/include/base64.h +--- squid-4.9.orig/include/base64.h ++++ squid-4.9/include/base64.h @@ -9,11 +9,11 @@ #ifndef _SQUID_BASE64_H #define _SQUID_BASE64_H -#if HAVE_NETTLE_BASE64_H && HAVE_NETTLE34_BASE64 -+#if HAVE_NETTLE_BASE64_H ++#if HAVE_NETTLE_BASE64_H #include #else /* Base64 functions copied from Nettle 3.4 under GPLv2, with adjustments */ @@ -219,10 +219,10 @@ Index: squid-4.8/include/base64.h /* base64.h Base-64 encoding and decoding. -Index: squid-4.8/lib/base64.c +Index: squid-4.9/lib/base64.c =================================================================== ---- squid-4.8.orig/lib/base64.c -+++ squid-4.8/lib/base64.c +--- squid-4.9.orig/lib/base64.c ++++ squid-4.9/lib/base64.c @@ -13,7 +13,7 @@ #include "squid.h" #include "base64.h" @@ -232,10 +232,10 @@ Index: squid-4.8/lib/base64.c /* base64-encode.c -Index: squid-4.8/src/format/Format.cc +Index: squid-4.9/src/format/Format.cc =================================================================== ---- squid-4.8.orig/src/format/Format.cc -+++ squid-4.8/src/format/Format.cc +--- squid-4.9.orig/src/format/Format.cc ++++ squid-4.9/src/format/Format.cc @@ -557,8 +557,8 @@ Format::Format::assemble(MemBuf &mb, con struct base64_encode_ctx ctx; @@ -247,25 +247,10 @@ Index: squid-4.8/src/format/Format.cc sb.rawAppendFinish(buf, encLength); out = sb.c_str(); -Index: squid-4.8/src/auth/digest/Config.cc +Index: squid-4.9/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc =================================================================== ---- squid-4.8.orig/src/auth/digest/Config.cc -+++ squid-4.8/src/auth/digest/Config.cc -@@ -111,8 +111,8 @@ authDigestNonceEncode(digest_nonce_h * n - nonce->key = xcalloc(base64_encode_len(sizeof(digest_nonce_data)), 1); - struct base64_encode_ctx ctx; - base64_encode_init(&ctx); -- size_t blen = base64_encode_update(&ctx, reinterpret_cast(nonce->key), sizeof(digest_nonce_data), reinterpret_cast(&(nonce->noncedata))); -- blen += base64_encode_final(&ctx, reinterpret_cast(nonce->key)+blen); -+ size_t blen = base64_encode_update(&ctx, (uint8_t*)nonce->key, sizeof(digest_nonce_data), (uint8_t*)&(nonce->noncedata)); -+ blen += base64_encode_final(&ctx, ((uint8_t*)(nonce->key))+blen); - } - - digest_nonce_h * -Index: squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc -=================================================================== ---- squid-4.8.orig/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc -+++ squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc +--- squid-4.9.orig/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc ++++ squid-4.9/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc @@ -203,8 +203,8 @@ squid_kerb_proxy_auth(char *proxy) token = (char *) xcalloc(base64_encode_len(output_token.length), 1); struct base64_encode_ctx ctx; @@ -277,10 +262,10 @@ Index: squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc } } -Index: squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc +Index: squid-4.9/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc =================================================================== ---- squid-4.8.orig/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc -+++ squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc +--- squid-4.9.orig/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc ++++ squid-4.9/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc @@ -245,8 +245,8 @@ getdomaingids(char *ad_groups, uint32_t base64_encode_init(&ctx); const uint32_t expectedSz = base64_encode_len(length+4) +1 /* terminator */; @@ -303,10 +288,10 @@ Index: squid-4.8/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc b64buf[expectedSz-1] = '\0'; if (!pstrcat(ad_groups, reinterpret_cast(b64buf))) { debug((char *) "%s| %s: WARN: Too many groups ! size > %d : %s\n", -Index: squid-4.8/src/adaptation/icap/ModXact.cc +Index: squid-4.9/src/adaptation/icap/ModXact.cc =================================================================== ---- squid-4.8.orig/src/adaptation/icap/ModXact.cc -+++ squid-4.8/src/adaptation/icap/ModXact.cc +--- squid-4.9.orig/src/adaptation/icap/ModXact.cc ++++ squid-4.9/src/adaptation/icap/ModXact.cc @@ -1369,10 +1369,10 @@ void Adaptation::Icap::ModXact::makeRequ struct base64_encode_ctx ctx; base64_encode_init(&ctx); @@ -333,10 +318,10 @@ Index: squid-4.8/src/adaptation/icap/ModXact.cc buf.appendf("%s: %.*s\r\n", TheConfig.client_username_header, (int)resultLen, base64buf); } else buf.appendf("%s: %s\r\n", TheConfig.client_username_header, value); -Index: squid-4.8/src/http.cc +Index: squid-4.9/src/http.cc =================================================================== ---- squid-4.8.orig/src/http.cc -+++ squid-4.8/src/http.cc +--- squid-4.9.orig/src/http.cc ++++ squid-4.9/src/http.cc @@ -1697,9 +1697,9 @@ httpFixupAuthentication(HttpRequest * re username = request->auth_user_request->username(); #endif @@ -387,10 +372,10 @@ Index: squid-4.8/src/http.cc result[blen] = '\0'; if (blen) httpHeaderPutStrf(hdr_out, Http::HdrType::AUTHORIZATION, "Basic %.*s", (int)blen, result); -Index: squid-4.8/src/peer_proxy_negotiate_auth.cc +Index: squid-4.9/src/peer_proxy_negotiate_auth.cc =================================================================== ---- squid-4.8.orig/src/peer_proxy_negotiate_auth.cc -+++ squid-4.8/src/peer_proxy_negotiate_auth.cc +--- squid-4.9.orig/src/peer_proxy_negotiate_auth.cc ++++ squid-4.9/src/peer_proxy_negotiate_auth.cc @@ -562,8 +562,8 @@ char *peer_proxy_negotiate_auth(char *pr static char b64buf[8192]; // XXX: 8KB only because base64_encode_bin() used to. struct base64_encode_ctx ctx; @@ -402,10 +387,10 @@ Index: squid-4.8/src/peer_proxy_negotiate_auth.cc b64buf[blen] = '\0'; token = reinterpret_cast(b64buf); -Index: squid-4.8/tools/squidclient/gssapi_support.cc +Index: squid-4.9/tools/squidclient/gssapi_support.cc =================================================================== ---- squid-4.8.orig/tools/squidclient/gssapi_support.cc -+++ squid-4.8/tools/squidclient/gssapi_support.cc +--- squid-4.9.orig/tools/squidclient/gssapi_support.cc ++++ squid-4.9/tools/squidclient/gssapi_support.cc @@ -134,8 +134,8 @@ GSSAPI_token(const char *server) token = new char[base64_encode_len(output_token.length)]; struct base64_encode_ctx ctx; @@ -417,10 +402,10 @@ Index: squid-4.8/tools/squidclient/gssapi_support.cc token[blen] = '\0'; } } -Index: squid-4.8/tools/squidclient/squidclient.cc +Index: squid-4.9/tools/squidclient/squidclient.cc =================================================================== ---- squid-4.8.orig/tools/squidclient/squidclient.cc -+++ squid-4.8/tools/squidclient/squidclient.cc +--- squid-4.9.orig/tools/squidclient/squidclient.cc ++++ squid-4.9/tools/squidclient/squidclient.cc @@ -212,10 +212,10 @@ Authorization::commit(std::ostream &os) const auto buf = new char[bcapacity]; diff --git a/squid-4.8.tar.xz b/squid-4.8.tar.xz deleted file mode 100644 index ebbd7a2..0000000 --- a/squid-4.8.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:78cdb324d93341d36d09d5f791060f6e8aaa5ff3179f7c949cd910d023a86210 -size 2440888 diff --git a/squid-4.8.tar.xz.asc b/squid-4.8.tar.xz.asc deleted file mode 100644 index cd638da..0000000 --- a/squid-4.8.tar.xz.asc +++ /dev/null @@ -1,25 +0,0 @@ -File: squid-4.8.tar.xz -Date: Tue Jul 9 19:30:13 UTC 2019 -Size: 2440888 -MD5 : 08e018f2d8db4911ee90591284fa1ca5 -SHA1: 4ff1390eee3ec20cefa5565cbb56e1a89a12bfc1 -Key : CD6DBF8EF3B17D3E - B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E - keyring = http://www.squid-cache.org/pgp.asc - keyserver = pool.sks-keyservers.net ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAl0k60wACgkQzW2/jvOx -fT7tAg/7BB9XyX4Sxi6sdyAwSPJ7vu3sd8ENE2mYdnLlozd3n57g2EDJoDWNGMOV -eym6Xe5TCDyadXKDVHni4LrFm80RgILMRvkkY9RIIRBTac+SEpDPZq/XL5xzxL1K -mRxJ2Mg9dC/1Cja4xAT/NihinJ2g/vqPY/fC+35kHd1q+U3DeQlmRhMN+IoP6kOk -ZFYfl2DkHRZFRVF/yjxy2f2ktSuZOoUcnnAI2IWzgZS5iNR4F5ozNXKNUaAhcROy -Md6/VCnoLvYDVlXgJUBUsn0Qt/Kgl/3h/CUdGVUnG2Lt5+Gh3LZBlCNZ/P/6lBSD -9/hXLPkY4OTKrxkf0LdwNrGH9XZX5FoKAUDvF+qUvEqwFJdgzklyXSAoEQRfFtK2 -KRAjuxR1h/JquiA7lfYchmHaS13FktkpGMAJWrQZFjRRnDcVqjEotGkcpgaIjVfG -/Bw9LLjRf4glYvgd8+wDZBpBGU2mLXOu0/0IfU3gN4nRXnxvum0xPRPRQhmZWzjk -svpUA1W4r7Uy1zog96Gry0NNh5bik+MU7OI/0uJPxSk4DhRFg+HcQ0GHb3eF0yBY -nTv8Ks3CMMsoa9tCzFfqmxKQMHBA0feBSzjOgN5nqibr7BRp9NiJPtj3sOS6oCDK -jBSV1ArI6nyaU26hfelNp375CPHObAFLlBA31+saV55hyr2Ydx4= -=ee2E ------END PGP SIGNATURE----- diff --git a/squid-4.9.tar.xz b/squid-4.9.tar.xz new file mode 100644 index 0000000..e29e550 --- /dev/null +++ b/squid-4.9.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1cb1838c6683b0568a3a4050f4ea2fc1eaa5cbba6bdf7d57f7258c7cd7b41fa1 +size 2444664 diff --git a/squid-4.9.tar.xz.asc b/squid-4.9.tar.xz.asc new file mode 100644 index 0000000..2604dd2 --- /dev/null +++ b/squid-4.9.tar.xz.asc @@ -0,0 +1,25 @@ +File: squid-4.9.tar.xz +Date: Wed Nov 6 04:57:57 UTC 2019 +Size: 2444664 +MD5 : 5c2e335dd1e8ced9dda6e0e11894b344 +SHA1: 43c90a1a2eb4d1613f1bfc603ad08e8a835be319 +Key : CD6DBF8EF3B17D3E + B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E + keyring = http://www.squid-cache.org/pgp.asc + keyserver = pool.sks-keyservers.net +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAl3CUt8ACgkQzW2/jvOx +fT4Wnw/+Osf9VTnDFj5g/eXgb6vhzDaSLVfPNKLI6mF46a6twTvlMcM1+sX+b2Of +KXznDkUHvhIHijXGVbscSWx6Rn2tuPGDRRtDucqK98bYUo7mhEpdGtkVE7t8U3iz +wIKm7Hbr8qar4nJDLoZiZSCswI+UTcYncUuAqZ0O8LGIK0m6aYYDSS4bRq04yiS2 +1JD0UEWW35X35hoVuhGlRRgvLzKn8F4KFeDde0gg+cqvkM0LR2+xkUqz6DcyE34m +8uK6hlABu32Zj+9oRBvNNcDOr2bfNYsbS4tAy635thFTyGUF7jjrOEXhl2SYrDY5 +gVRzXHq/WBQ5rjTdmwvfn3wcwA1BQK/Oru6OaTFGaSrRlmJJM3JUFQWSsYWm8ARV +BJEGy8iQ9R41Yom2Ct8SOhwg7f3fBlFnK+BB8En+8s+fEa8z5rVmmjh1Es8qm6Tj +C/xGTZ23C4lUveKznDhc8MR2M4jjsH77Y7K/PvJUjZ/yYNpwsOwhv7fs51v70S5Q +4wC+ykpsmwckmOajrkOnupUN9Un2FzfyOctTt6PQkmwlq++09Jwxwg36O+KLDX08 +f48F/qCCJ4bubuhFjM/A+cwVev0nAp0haSV0jpbemAHwzog21O51l70B8qUe18jp +XKYpbp3zCJ5cNmrAummsEVaj2ZCsH5ZHxTUIwvJDIS5b0OFn/lo= +=LNc9 +-----END PGP SIGNATURE----- diff --git a/squid.changes b/squid.changes index 2ffdaa2..7d60752 100644 --- a/squid.changes +++ b/squid.changes @@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Fri Nov 8 15:24:15 UTC 2019 - Adam Majer + +- Update to squid 4.9: + * fixes multiple Cross-Site Scripting issues in cachemgr.cgi + (CVE-2019-13345, bsc#1140738) + * fixes heap overflow in URN processing + (CVE-2019-12526, bsc#1156326) + * fixes multiple issues in URI processing + (CVE-2019-12523, CVE-2019-18676, bsc#1156329) + * fixes Cross-Site Request Forgery in HTTP Request processing + (CVE-2019-18677, bsc#1156328) + * fixes HTTP Request Splitting in HTTP message processing + (CVE-2019-18678, bsc#1156323) + * fixes information disclosure in HTTP Digest Authentication + (CVE-2019-18679, bsc#1156324) + * lower cache_peer hostname - this showed up as DNS failures + if peer name was configured with any upper case characters + * TLS: Multiple SSL-Bump fixes + * TLS: Fix expiration of self-signed generated certs to be 3 years + * TLS: Fix on_unsupported_protocol tunnel action + * Fix several rock cache_dir corruption issues + +- fix_configuration_error.patch: upstreamed +- old_nettle_compat.patch: refreshed + ------------------------------------------------------------------- Tue Aug 6 13:05:58 UTC 2019 - Adam Majer diff --git a/squid.spec b/squid.spec index 244658e..4d1c831 100644 --- a/squid.spec +++ b/squid.spec @@ -19,7 +19,7 @@ %define squidlibdir %{_libdir}/squid %define squidconfdir %{_sysconfdir}/squid Name: squid -Version: 4.8 +Version: 4.9 Release: 0 Summary: Caching and forwarding HTTP web proxy License: GPL-2.0-or-later @@ -40,7 +40,6 @@ Source16: initialize_cache_if_needed.sh Source17: tmpfilesdir.squid.conf Patch1: missing_installs.patch Patch2: old_nettle_compat.patch -Patch3: fix_configuration_error.patch BuildRequires: cppunit-devel BuildRequires: db-devel BuildRequires: ed @@ -93,7 +92,6 @@ perl -p -i -e 's|%{_prefix}/local/bin/perl|%{_bindir}/perl|' `find -name "*.pl"` %if %{suse_version} < 1500 %patch2 -p1 %endif -%patch3 -p1 %build %define _lto_cflags %{nil}