From: "Yann E. MORIN" <yann.morin.1998@free.fr>
To: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 1/1] package/squid: security bump to version 6.6
Date: Tue, 26 Dec 2023 22:06:49 +0100
Message-ID: <ZYtAaU1oyaF_va4K@landeda>
In-Reply-To: <20231226203423.1243592-1-fontaine.fabrice@gmail.com>

Fabrice, All,

On 2023-12-26 21:34 +0100, Fabrice Fontaine spake thusly:
> - Drop patch (already in version)
> - Fix CVE-2023-50269: This problem allows a remote client to perform
>   a Denial of Service attack by sending a large X-Forwarded-For header
>   when the follow_x_forwarded_for feature is configured.
> 
> https://github.com/squid-cache/squid/security/advisories/GHSA-wgq4-4cfg-c4x3
> https://github.com/squid-cache/squid/blob/SQUID_6_6/ChangeLog
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Applied to master, thanks.

Regards,
Yann E. MORIN.

> ---
>  ...-ESI-build-with-libxml2-v2.12.0-1600.patch | 32 -------------------
>  package/squid/squid.hash                      |  8 ++---
>  package/squid/squid.mk                        |  2 +-
>  3 files changed, 5 insertions(+), 37 deletions(-)
>  delete mode 100644 package/squid/0001-Bug-5328-Fix-ESI-build-with-libxml2-v2.12.0-1600.patch
> 
> diff --git a/package/squid/0001-Bug-5328-Fix-ESI-build-with-libxml2-v2.12.0-1600.patch b/package/squid/0001-Bug-5328-Fix-ESI-build-with-libxml2-v2.12.0-1600.patch
> deleted file mode 100644
> index fcbdcc1749..0000000000
> --- a/package/squid/0001-Bug-5328-Fix-ESI-build-with-libxml2-v2.12.0-1600.patch
> +++ /dev/null
> @@ -1,32 +0,0 @@
> -From c9b3edc1396925aa7eca3d3cc6c798806286a974 Mon Sep 17 00:00:00 2001
> -From: bkuhls <bkuhls@users.noreply.github.com>
> -Date: Sun, 26 Nov 2023 15:09:21 +0000
> -Subject: [PATCH] Bug 5328: Fix ESI build with libxml2 v2.12.0 (#1600)
> -
> -    Libxml2Parser.cc:147:40: error: invalid conversion from
> -    'const xmlError*' to 'xmlErrorPtr' {aka 'xmlError*'} [-fpermissive]
> -
> -libxml2 recently made xmlGetLastError() return a constant object.
> -
> -Upstream: https://github.com/squid-cache/squid/commit/c9b3edc1396925aa7eca3d3cc6c798806286a974
> -Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
> ----
> - src/esi/Libxml2Parser.cc | 2 +-
> - 1 file changed, 1 insertion(+), 1 deletion(-)
> -
> -diff --git a/src/esi/Libxml2Parser.cc b/src/esi/Libxml2Parser.cc
> -index f03752885..236a37433 100644
> ---- a/src/esi/Libxml2Parser.cc
> -+++ b/src/esi/Libxml2Parser.cc
> -@@ -144,7 +144,7 @@ ESILibxml2Parser::lineNumber() const
> - char const *
> - ESILibxml2Parser::errorString() const
> - {
> --    xmlErrorPtr error = xmlGetLastError();
> -+    const auto error = xmlGetLastError();
> - 
> -     if (error == nullptr)
> -         return nullptr;
> --- 
> -2.43.0
> -
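
Review bot: the deleted file's Upstream: line points at squid commit c9b3edc1396925aa7eca3d3cc6c798806286a974, but the commit message only says "Drop patch (already in version)". Name the release (6.6) and that commit in the message so the drop can be checked against the linked ChangeLog instead of taken on trust.
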
> diff --git a/package/squid/squid.hash b/package/squid/squid.hash
> index a163bd9ad3..4a8ea5d550 100644
> --- a/package/squid/squid.hash
> +++ b/package/squid/squid.hash
> @@ -1,6 +1,6 @@
> -# From http://www.squid-cache.org/Versions/v6/squid-6.5.tar.xz.asc
> -md5  da2797d899cf538fab7f504fdf3c18bf  squid-6.5.tar.xz
> -sha1  07a08394625948750264778c82e19cf24ea7cb1f  squid-6.5.tar.xz
> +# From http://www.squid-cache.org/Versions/v6/squid-6.6.tar.xz.asc
> +md5  5a41134ee1b7e75f62088acdec92d2ca  squid-6.6.tar.xz
> +sha1  f05e06a9dd3bf7501d2844e43d9ae1bd00e9edcc  squid-6.6.tar.xz
>  # Locally calculated
> -sha256  5070f8a3ae6666870c8fc716326befb0a1abe8b5ff3a6f3932cbc5543d7c8549  squid-6.5.tar.xz
> +sha256  55bd7f9f4898153161ea1228998acb551bf840832b9e5b90fc8ecd2942420318  squid-6.6.tar.xz
>  sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
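
Review bot: in squid.hash the md5 and sha1 lines are attributed to squid-6.6.tar.xz.asc fetched over http://, and the only collision-resistant entry, sha256, is "Locally calculated", so nothing here records that the signature in the .asc was verified against the tarball that was hashed. State that in the comment, for example "# Locally calculated after checking pgp signature", and consider whether the md5/sha1 lines still add anything next to the sha256.
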
> diff --git a/package/squid/squid.mk b/package/squid/squid.mk
> index c1477b1adf..3a9edac71e 100644
> --- a/package/squid/squid.mk
> +++ b/package/squid/squid.mk
> @@ -4,7 +4,7 @@
>  #
>  ################################################################################
>  
> -SQUID_VERSION = 6.5
> +SQUID_VERSION = 6.6
>  SQUID_SOURCE = squid-$(SQUID_VERSION).tar.xz
>  SQUID_SITE = http://www.squid-cache.org/Versions/v6
>  SQUID_LICENSE = GPL-2.0+
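
Review bot: the context line "SQUID_SITE = http://www.squid-cache.org/Versions/v6" means this security bump is still fetched over plain HTTP, which leaves squid.hash as the only integrity check on the download. If upstream serves the same path over https, switch SQUID_SITE (and the .asc URL in squid.hash) in this bump or in a follow-up.
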
> -- 
> 2.43.0
> 
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'