new version 3.5.15
- Resolves: #1311585 - squid: Multiple Denial of Service issues in HTTP Response processing - Resolves: #1312267 - squid: SQUID-2016_2 advisory, multiple DoS issues
This commit is contained in:
parent
031f48e6bd
commit
0579ec7683
4
sources
4
sources
@ -1,2 +1,2 @@
|
||||
7a22503cfc99e1f89cb309b5facfbbc3 squid-3.5.13.tar.xz
|
||||
a76fa5fcfbaf5d99d420bf82556e62b8 squid-3.5.13.tar.xz.asc
|
||||
997084b40aaed7d0fa9db11904638ea9 squid-3.5.15.tar.xz
|
||||
eb10bd395bac307c8992e0966b0d0b58 squid-3.5.15.tar.xz.asc
|
||||
|
@ -1,46 +0,0 @@
|
||||
------------------------------------------------------------
|
||||
revno: 13981
|
||||
revision-id: squid3@treenet.co.nz-20160213062427-jz0en4qyajeqpa7x
|
||||
parent: squid3@treenet.co.nz-20160212045102-ivwab8s8p2gi32fv
|
||||
fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4437
|
||||
author: Christos Tsantilas <chtsanti@users.sourceforge.net>
|
||||
committer: Amos Jeffries <squid3@treenet.co.nz>
|
||||
branch nick: 3.5
|
||||
timestamp: Sat 2016-02-13 19:24:27 +1300
|
||||
message:
|
||||
Bug 4437: Fix Segfault on Certain SSL Handshake Errors
|
||||
|
||||
Squid after an unsuccesfull try to connect to the remote server may make two
|
||||
concurrent retries to connect to the remote SSL server, calling twice the
|
||||
FwdState::retryOrBail() method, which may result to unexpected behaviour.
|
||||
|
||||
Prevent this by just closing the connection to the remote SSL server inside
|
||||
FwdState::connectedToPeer method on error and instead of calling the
|
||||
FwdState::retryOrBail method, just allow comm_close handler to retry the
|
||||
connection if required.
|
||||
|
||||
This is a Measurement Factory project
|
||||
------------------------------------------------------------
|
||||
# Bazaar merge directive format 2 (Bazaar 0.90)
|
||||
# revision_id: squid3@treenet.co.nz-20160213062427-jz0en4qyajeqpa7x
|
||||
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
|
||||
# testament_sha1: f22a644062f4d8c8a13897b396197ea7b44b4231
|
||||
# timestamp: 2016-02-13 06:53:09 +0000
|
||||
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
|
||||
# base_revision_id: squid3@treenet.co.nz-20160212045102-\
|
||||
# ivwab8s8p2gi32fv
|
||||
#
|
||||
# Begin patch
|
||||
=== modified file 'src/FwdState.cc'
|
||||
--- src/FwdState.cc 2016-01-31 05:39:09 +0000
|
||||
+++ src/FwdState.cc 2016-02-13 06:24:27 +0000
|
||||
@@ -719,7 +719,7 @@
|
||||
answer.error.clear(); // preserve error for errorSendComplete()
|
||||
if (CachePeer *p = serverConnection()->getPeer())
|
||||
peerConnectFailed(p);
|
||||
- retryOrBail();
|
||||
+ serverConnection()->close();
|
||||
return;
|
||||
}
|
||||
|
||||
|
12
squid.spec
12
squid.spec
@ -1,8 +1,8 @@
|
||||
%define __perl_requires %{SOURCE98}
|
||||
|
||||
Name: squid
|
||||
Version: 3.5.13
|
||||
Release: 3%{?dist}
|
||||
Version: 3.5.15
|
||||
Release: 1%{?dist}
|
||||
Summary: The Squid proxy caching server
|
||||
Epoch: 7
|
||||
# See CREDITS for breakdown of non GPLv2+ code
|
||||
@ -32,7 +32,6 @@ Patch202: squid-3.1.0.9-location.patch
|
||||
Patch203: squid-3.0.STABLE1-perlpath.patch
|
||||
Patch204: squid-3.5.9-include-guards.patch
|
||||
Patch205: 0001-cppunit-config-no-longer-exists-use-pkg-config.patch
|
||||
Patch206: squid-3.5-13981.patch
|
||||
|
||||
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
Requires: bash >= 2.0
|
||||
@ -93,7 +92,6 @@ lookup program (dnsserver), a program for retrieving FTP data
|
||||
%patch203 -p1 -b .perlpath
|
||||
%patch204 -p0 -b .include-guards
|
||||
%patch205 -p1 -b .cppunit-config
|
||||
%patch206 -p0 -b .CVE-2016-2390
|
||||
|
||||
%build
|
||||
# cppunit-config patch changes configure.ac
|
||||
@ -288,6 +286,12 @@ fi
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Mar 01 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.15-1
|
||||
- new version 3.5.15
|
||||
- Resolves: #1311585 - squid: Multiple Denial of Service issues in
|
||||
HTTP Response processing
|
||||
- Resolves: #1312267 - squid: SQUID-2016_2 advisory, multiple DoS issues
|
||||
|
||||
* Tue Mar 01 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.13-3
|
||||
- Resolves: #1308866 - CVE-2016-2390 squid: incorrect server error
|
||||
handling resulting in denial of service
|
||||
|
Loading…
Reference in New Issue
Block a user