import squid-4.11-4.module+el8.4.0+9038+276d2d9f

2021-05-18 02:50:33 -04:00 · 2021-05-18 02:50:33 -04:00 · 32f4bda808
commit 32f4bda808
parent 11b0ae8e0d
2 changed files with 35 additions and 1 deletions
--- a/SOURCES/squid-4.11-cache-mgr-auth-strdup.patch
+++ b/SOURCES/squid-4.11-cache-mgr-auth-strdup.patch
@ -0,0 +1,27 @@
+diff --git a/tools/cachemgr.cc b/tools/cachemgr.cc
+index 36d8e38..50bb9b6 100644
+--- a/tools/cachemgr.cc
+++ b/tools/cachemgr.cc
+@@ -1092,14 +1092,20 @@ make_pub_auth(cachemgr_request * req)
+     if (!req->passwd || !strlen(req->passwd))
+         return;
+ 
+    auto *rfc1738_username = xstrdup(rfc1738_escape(safe_str(req->user_name)));
+    auto *rfc1738_passwd = xstrdup(rfc1738_escape(req->passwd));
+
+     /* host | time | user | passwd */
+     const int bufLen = snprintf(buf, sizeof(buf), "%s|%d|%s|%s",
+                                 req->hostname,
+                                 (int) now,
+-                                rfc1738_escape(safe_str(req->user_name)),
+-                                rfc1738_escape(req->passwd));
+                                rfc1738_username,
+                                rfc1738_passwd);
+     debug("cmgr: pre-encoded for pub: %s\n", buf);
+ 
+    safe_free(rfc1738_username);
+    safe_free(rfc1738_passwd);
+
+     const int encodedLen = base64_encode_len(bufLen);
+     req->pub_auth = (char *) xmalloc(encodedLen);
+     struct base64_encode_ctx ctx;
--- a/SPECS/squid.spec
+++ b/SPECS/squid.spec
@ -2,7 +2,7 @@

 Name:     squid
 Version:  4.11
-Release:  3%{?dist}
+Release:  4%{?dist}
 Summary:  The Squid proxy caching server
 Epoch:    7
 # See CREDITS for breakdown of non GPLv2+ code
@ -36,6 +36,8 @@ Patch206: squid-4.11-active-ftp.patch
 # https://github.com/squid-cache/squid/commit/c26cd1cb6a60ff196ef13c00e82576d3bfeb2e30
 Patch207: squid-4.11-systemd.patch
 Patch208: squid-4.11-convert-ipv4.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=1890606
+Patch209: squid-4.11-cache-mgr-auth-strdup.patch

 # Security fixes
 # https://bugzilla.redhat.com/show_bug.cgi?id=1852554
@ -109,6 +111,7 @@ lookup program (dnsserver), a program for retrieving FTP data
 %patch206 -p1 -b .active-ftp
 %patch207 -p1 -b .systemd
 %patch208 -p1 -R -b .convert-ipv4
+%patch209 -p1 -b .cachemgr-strdup

 # Security patches
 %patch500 -p1 -b .cve-2020-14058
@ -332,6 +335,10 @@ fi


 %changelog
+* Mon Oct 26 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.11-4
+- Resolves: #1890606 - Fix for CVE 2019-13345 breaks authentication in
+  cachemgr.cgi
+
 * Wed Aug 26 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.11-3
 - Resolves: #1871705 - CVE-2020-24606 squid: Improper Input Validation could
  result in a DoS