diff --git a/squid.spec b/squid.spec index d4db871..fecb975 100644 --- a/squid.spec +++ b/squid.spec @@ -4,8 +4,8 @@ Summary: The Squid proxy caching server. Name: squid -Version: 2.5.STABLE7 -Release: 4 +Version: 2.5.STABLE8 +Release: 2 Epoch: 7 License: GPL Group: System Environment/Daemons @@ -17,38 +17,22 @@ Source4: squid.sysconfig Source5: squid.pam Source98: perl-requires-squid.sh ## Source99: filter-requires-squid.sh -Patch1: squid-2.5.STABLE7-config.patch -#Patch2: squid-perlpath.patch -Patch3: squid-2.5.STABLE4-location.patch -Patch4: squid-2.5.STABLE7-build.patch -Patch5: squid-2.5.STABLE4-perlpath.patch -Patch6: squid-2.5.STABLE5-pipe.patch -Patch100: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-half_closed_POST.patch -Patch101: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-LDAP_version_documentation.patch -Patch102: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7_req_resp_header.patch -Patch103: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-helper_shutdown.patch -Patch104: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-non_blocking_disk.patch -Patch105: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-blank_response.patch -Patch106: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-dothost.patch -Patch107: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-PURGE_internal.patch -Patch108: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-httpd_accel_vport.patch -Patch109: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-cachemgr_vmobjects.patch -Patch110: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-empty_acls.patch -Patch111: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-close_other.patch -Patch112: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-fakeauth_auth.patch -Patch113: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch -Patch114: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch -Patch115: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-dns_memleak.patch -Patch116: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-fqdn_truncated.patch -Patch117: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-ldap_spaces.patch -Patch118: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-header_parsing.patch -Patch119: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-httpd_accel_no_pmtu_disc.patch -Patch120: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-ftp_datachannel.patch -Patch121: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-short_icons_urls.patch -Patch122: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-response_splitting.patch -Patch123: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_buffer_overflow.patch -Patch124: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch +# Upstream patches +Patch100: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch +Patch101: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-format_fixes.patch +Patch102: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-html_high_chars.patch +Patch103: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-ftp_cleanup.patch + + +# Local patches +# Applying upstream patches first makes it less likely that local patches +# will break upstream ones. +Patch201: squid-2.5.STABLE7-config.patch +Patch202: squid-2.5.STABLE4-location.patch +Patch203: squid-2.5.STABLE7-build.patch +Patch204: squid-2.5.STABLE4-perlpath.patch +Patch205: squid-2.5.STABLE5-pipe.patch BuildRoot: %{_tmppath}/%{name}-%{version}-root Prereq: /sbin/chkconfig logrotate shadow-utils @@ -70,38 +54,17 @@ lookup program (dnsserver), a program for retrieving FTP data %prep %setup -q -%patch1 -p1 -b .config -#%patch2 -p1 -b .perlpath -%patch3 -p1 -b .location -%patch4 -p1 -b .build -%patch5 -p1 -b .perlpath -%patch6 -p1 -b .pipe %patch100 -p1 %patch101 -p1 %patch102 -p1 %patch103 -p1 -%patch104 -p1 -%patch105 -p1 -%patch106 -p1 -%patch107 -p1 -%patch108 -p1 -%patch109 -p1 -%patch110 -p1 -%patch111 -p1 -%patch112 -p1 -%patch113 -p1 -%patch114 -p1 -%patch115 -p1 -%patch116 -p1 -%patch117 -p1 -%patch118 -p1 -%patch119 -p1 -%patch120 -p1 -%patch121 -p1 -%patch122 -p1 -%patch123 -p1 -%patch124 -p1 + +%patch201 -p1 -b .config +%patch202 -p1 -b .location +%patch203 -p1 -b .build +%patch204 -p1 -b .perlpath +%patch205 -p1 -b .pipe %build export CFLAGS="-fPIE -Os -g -pipe -fsigned-char" ; export LDFLAGS=-pie ; @@ -321,7 +284,11 @@ fi chgrp squid /var/cache/samba/winbindd_privileged > /dev/null 2>& 1 || true %changelog -* Tue Feb 1 2005 Jay Fenlason 7:2.5.STABLE8-2 +- new upstream version with 4 upstream patches. +- Reorganize spec file to apply upstream patches first + +* Tue Feb 1 2005 Jay Fenlason 7:2.5.STABLE7-4 - Include two more upstream patches for security vulns: bz#146783 Correct handling of oversized reply headers bz#146778 CAN-2005-0211 Buffer overflow in WCCP recvfrom() call