Merged update from upstream sources

This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/squid.git#815e336e3888ac3459828dda089a8e352e422003
2021-04-05 01:40:25 +00:00 · 2021-04-05 01:40:25 +00:00 · 3717cc6b86
commit 3717cc6b86
parent 32486dd46b
3 changed files with 10 additions and 5 deletions
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (squid-4.13.tar.xz) = 06807f82ed01e12afe2dd843aa0a94f69c351765b1889c4c5c3da1cf2ecb06ac3a4be6a24a62f04397299c8fc0df5397f76f64df5422ff78b37a9382d5fdf7fc
-SHA512 (squid-4.13.tar.xz.asc) = be1265376927dcb3c96ea0c8c1b0f1d6bd7e3deb0fdd38ff80030c31f53f77345a8b8564c6b8cc79d7449aa361d4bdf1ba10d02f5f08af245ee35b484977b93a
+SHA512 (squid-4.14.tar.xz) = 3509caea9e10ea54547eeb769a21f0ca4d37e39a063953821fc51d588b22facfa183d0a48be9ab15831ee646e031079b515c75162515b8a4e7c708df2d41958b
+SHA512 (squid-4.14.tar.xz.asc) = a556e5f20e25e598375e3a6d8a300a1e35b29c89b8125f31d3fb16f1f59f538548f7f2e7424f06fc957e330cca8f16e0efe534a4772699454cd1778a82d4647d
 SHA512 (pgp.asc) = 09f7012030d68831dfc083d67ca63ee54ed851482ca8d0e9505b444ee3e7ddeed62369b53f2917c9b2e0e57cc0533fce46e8cafd2ebcd1c6cb186b516efd0ad2
--- a/squid-3.0.STABLE1-perlpath.patch
+++ b/squid-3.0.STABLE1-perlpath.patch
@ -6,5 +6,5 @@ index 4cb0480..4b89910 100755
 -#!/usr/local/bin/perl -Tw
 +#!/usr/bin/perl -Tw
 #
- # * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
+ # * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
 # *
--- a/squid.spec
+++ b/squid.spec
@ -1,8 +1,8 @@
 %define __perl_requires %{SOURCE98}

 Name:     squid
-Version:  4.13
-Release:  3%{?dist}
+Version:  4.14
+Release:  1%{?dist}
 Summary:  The Squid proxy caching server
 Epoch:    7
 # See CREDITS for breakdown of non GPLv2+ code
@ -300,6 +300,11 @@ fi


 %changelog
+* Wed Mar 31 2021 Lubos Uhliarik <luhliari@redhat.com> - 7:4.14-1
+- new version 4.14
+- Resolves: #1939927 - CVE-2020-25097 squid: improper input validation may allow
+  a trusted client to perform HTTP Request Smuggling
+
 * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 7:4.13-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild