Resolves: RHEL-14802 - squid: multiple issues in HTTP response caching

2023-12-05 10:23:26 +01:00 · 2023-12-05 10:23:26 +01:00 · 3daca6ed19
commit 3daca6ed19
parent 9e13207eac
2 changed files with 3917 additions and 1 deletions
--- a/squid-5.5-CVE-2023-5824.patch
+++ b/squid-5.5-CVE-2023-5824.patch
--- a/squid.spec
+++ b/squid.spec
@ -2,7 +2,7 @@

 Name:     squid
 Version:  5.5
-Release:  7%{?dist}
+Release:  8%{?dist}
 Summary:  The Squid proxy caching server
 Epoch:    7
 # See CREDITS for breakdown of non GPLv2+ code
@ -58,6 +58,8 @@ Patch503: squid-5.5-CVE-2023-46846.patch
 Patch504: squid-5.5-CVE-2023-46847.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=2245919
 Patch505: squid-5.5-CVE-2023-46848.patch
+# https://issues.redhat.com/browse/RHEL-14802
+Patch506: squid-5.5-CVE-2023-5824.patch

 # cache_swap.sh
 Requires: bash gawk
@ -138,6 +140,7 @@ lookup program (dnsserver), a program for retrieving FTP data
 %patch503 -p1 -b .CVE-2023-46846
 %patch504 -p1 -b .CVE-2023-46847
 %patch505 -p1 -b .CVE-2023-46848
+%patch506 -p1 -b .CVE-2023-5824

 # https://bugzilla.redhat.com/show_bug.cgi?id=1679526
 # Patch in the vendor documentation and used different location for documentation
@ -364,6 +367,9 @@ fi


 %changelog
+* Tue Dec 05 2023 Tomas Korbar <tkorbar@redhat.com> - 7:5.5-8
+- Resolves: RHEL-14802 - squid: multiple issues in HTTP response caching
+
 * Sun Nov 12 2023 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-7
 - Resolves: RHEL-14820 - squid: squid: denial of Servicein FTP
 - Resolves: RHEL-14809 - squid: squid: Denial of Service in HTTP Digest