rpms/squid
7
0
Fork 0
Code Issues Pull Requests Releases Activity

CVE-2013-0189: Incomplete fix for the CVE-2012-5643

Browse Source
This commit is contained in:
Michal Luscon 2013-01-25 10:17:48 +01:00
parent 945bf74352
commit 45b9819170
2 changed files with 91 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
CVE-2013-0189.patch Normal file
View File

@ -0,0 +1,85 @@
------------------------------------------------------------
revno: 11743
revision-id: squid3@treenet.co.nz-20130101052914-r4lk62270w4sh498
parent: squid3@treenet.co.nz-20121230074717-y9oekp0bfabt6szv
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.2
timestamp: Mon 2012-12-31 22:29:14 -0700
message:
Additional pieces of SQUID-2012:1
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20130101052914-r4lk62270w4sh498
# target_branch: http://bzr.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_2
# testament_sha1: 3cf80543cf33a78ae27d5178a8e9958854350ca3
# timestamp: 2013-01-01 05:35:26 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_2
# base_revision_id: squid3@treenet.co.nz-20121230074717-\
# y9oekp0bfabt6szv
#
# Begin patch
=== modified file 'tools/cachemgr.cc'
--- ./tools/cachemgr.cc 2012-11-29 11:15:32 +0000
+++ ./tools/cachemgr.cc 2013-01-01 05:29:14 +0000
@@ -980,10 +980,10 @@
// limit the input to something reasonable.
// 4KB should be enough for the GET/POST data length, but may be extended.
- size_t bufLen = (len >= 4096 ? len : 4095);
+ size_t bufLen = (len < 4096 ? len : 4095);
char *buf = (char *)xmalloc(bufLen + 1);
- size_t readLen = fread(buf, bufLen, 1, stdin);
+ size_t readLen = fread(buf, 1, bufLen, stdin);
if (readLen == 0) {
xfree(buf);
return NULL;
@@ -994,7 +994,7 @@
// purge the remainder of the request entity
while (len > 0) {
char temp[65535];
- readLen = fread(temp, 65535, 1, stdin);
+ readLen = fread(temp, 1, 65535, stdin);
len -= readLen;
}
------------------------------------------------------------
revno: 11744
revision-id: squid3@treenet.co.nz-20130108224018-5g5t67qy79rnboih
parent: squid3@treenet.co.nz-20130101052914-r4lk62270w4sh498
author: Eygene Ryabinkin <rea@freebsd.org>
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.2
timestamp: Tue 2013-01-08 15:40:18 -0700
message:
Another piece of SQUID-2012:1
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20130108224018-5g5t67qy79rnboih
# target_branch: http://bzr.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_2
# testament_sha1: 0e05b63f51b67c2f34ddd5955b266c06fca288db
# timestamp: 2013-01-08 22:45:41 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_2
# base_revision_id: squid3@treenet.co.nz-20130101052914-\
# r4lk62270w4sh498
#
# Begin patch
=== modified file 'tools/cachemgr.cc'
--- ./tools/cachemgr.cc 2013-01-01 05:29:14 +0000
+++ ./tools/cachemgr.cc 2013-01-08 22:40:18 +0000
@@ -992,7 +992,7 @@
len -= readLen;
// purge the remainder of the request entity
- while (len > 0) {
+ while (len > 0 && readLen) {
char temp[65535];
readLen = fread(temp, 1, 65535, stdin);
len -= readLen;

7
squid.spec
View File

@ -4,7 +4,7 @@
Name: squid Name: squid
Version: 3.2.5 Version: 3.2.5
Release: 1%{?dist} Release: 2%{?dist}
Summary: The Squid proxy caching server Summary: The Squid proxy caching server
Epoch: 7 Epoch: 7
# See CREDITS for breakdown of non GPLv2+ code # See CREDITS for breakdown of non GPLv2+ code
@ -37,6 +37,7 @@ Patch202: squid-3.1.0.9-location.patch
Patch203: squid-3.0.STABLE1-perlpath.patch Patch203: squid-3.0.STABLE1-perlpath.patch
Patch204: squid-3.2.0.9-fpic.patch Patch204: squid-3.2.0.9-fpic.patch
Patch205: squid-3.1.9-ltdl.patch Patch205: squid-3.1.9-ltdl.patch
Patch206: CVE-2013-0189.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: bash >= 2.0 Requires: bash >= 2.0
@ -104,6 +105,7 @@ The squid-sysvinit contains SysV initscritps support.
%patch203 -p1 -b .perlpath %patch203 -p1 -b .perlpath
%patch204 -p1 -b .fpic %patch204 -p1 -b .fpic
%patch205 -p1 -b .ltdl %patch205 -p1 -b .ltdl
%patch206 -p1 -b .CVE-2013-0189
%build %build
%ifarch sparcv9 sparc64 s390 s390x %ifarch sparcv9 sparc64 s390 s390x
@ -307,6 +309,9 @@ fi
/sbin/chkconfig --add squid >/dev/null 2>&1 || : /sbin/chkconfig --add squid >/dev/null 2>&1 || :
%changelog %changelog
* Thu Jan 24 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.5-2
- CVE-2013-0189: Incomplete fix for the CVE-2012-5643
* Mon Dec 17 2012 Michal Luscon <mluscon@redhat.com> - 7:3.2.5-1 * Mon Dec 17 2012 Michal Luscon <mluscon@redhat.com> - 7:3.2.5-1
- Update to latest upstream version 3.2.5 - Update to latest upstream version 3.2.5