From 49b118ea6db8eee87e5fd3c544f79594ac85a49b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lubo=C5=A1=20Uhliarik?=
Date: Mon, 1 Jul 2024 12:13:11 +0200
Subject: [PATCH] new version 6.10

Resolves: RHEL-45048 - squid: Out-of-bounds write error maylead to Denial of Service (CVE-2024-37894)
---
 sources | 4 +-
 squid-6.7-gcc-14.patch | 123 ----------------------------------------
 squid.spec | 11 ++--
 3 files changed, 9 insertions(+), 129 deletions(-)
 delete mode 100644 squid-6.7-gcc-14.patch

diff --git a/sources b/sources
index d17889d..38903ce 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (squid-6.7.tar.xz) = 6221437056c600119fe9ff1ceeeaa9955cf9f21df481ad29a3515f8439a41b779d51f37b820b75641d0d4d6de54554f6f924dbd347834bf4a6ad6b5b317084a0
-SHA512 (squid-6.7.tar.xz.asc) = 4a1f9d123ce6b5a600d9d2dd3af95a7ce98bfe28ba42d1281ab1f3d7f220f8738a4320afb85eeba1bf9d31e722ffaccd2d89cbefcd11e6b6ea31fe237ccf9a8c
+SHA512 (squid-6.10.tar.xz) = c0b75c3d383b1cd234b30dd02e84e1c5655fc53f63b75704bf4bac9ee0b86ba27e4656116893aff8b95dea19ff1befabcbb9dab3875da52fcb65f1d30f0fe5a9
+SHA512 (squid-6.10.tar.xz.asc) = 5e9d053db90549760f7a675d9f4703ecde460906cb09dff489f9db5d0f7826fb30487c9b009cc4577f3f061f3c7b3a667418af298f55f882f696884dc536bf53
 SHA512 (pgp.asc) = b1e1dd5ead34711f064a12a324b2f156ad4835330d861eae4032926b8a6cd07c0eacc76f52518d47ed5a8ead4695f5abd02f2b4190af8e7833bd3ea31453569d
diff --git a/squid-6.7-gcc-14.patch b/squid-6.7-gcc-14.patch
deleted file mode 100644
index 283f5ec..0000000
--- a/squid-6.7-gcc-14.patch
+++ /dev/null
@@ -1,123 +0,0 @@
-From 7080c9ea3c761f4ac67e3341bbc371383e4e739b Mon Sep 17 00:00:00 2001
-From: Amos Jeffries
-Date: Wed, 14 Feb 2024 03:07:20 +1300
-Subject: [PATCH 1/4] Fix undefined std::find
-
----
- src/helper/Reply.cc | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/helper/Reply.cc b/src/helper/Reply.cc
-index 93cd5c84322..2e5e92aa2be 100644
---- a/src/helper/Reply.cc
-+++ b/src/helper/Reply.cc
-@@ -17,6 +17,8 @@
- #include "rfc1738.h"
- #include "SquidString.h"
- 
-+#include
-+
- Helper::Reply::Reply() :
- result(Helper::Unknown)
- {
-
-From 906884bf2565025cbc5b322c47425defa07f1f8e Mon Sep 17 00:00:00 2001
-From: Amos Jeffries
-Date: Wed, 14 Feb 2024 03:51:17 +1300
-Subject: [PATCH 2/4] Fix error: 'InstanceId<...>::InstanceId(const
- InstanceId<...> &)' is private within this context
-
----
- src/base/InstanceId.h | 5 +----
- 1 file changed, 1 insertion(+), 4 deletions(-)
-
-diff --git a/src/base/InstanceId.h b/src/base/InstanceId.h
-index a48be882cc4..c4dd4090b00 100644
---- a/src/base/InstanceId.h
-+++ b/src/base/InstanceId.h
-@@ -49,6 +49,7 @@ class InstanceId
- typedef ValueType Value; ///< id storage type
- 
- InstanceId() {change();}
-+ InstanceId(const InstanceId &); ///< no copying; IDs are unique
- 
- operator Value() const { return value; }
- bool operator ==(const InstanceId &o) const { return value == o.value; }
-@@ -67,10 +68,6 @@ class InstanceId
- 
- public:
- Value value = Value(); ///< instance identifier
--
--private:
-- InstanceId(const InstanceId &); ///< not implemented; IDs are unique
-- InstanceId& operator=(const InstanceId &); ///< not implemented
- };
- 
- /// An InstanceIdDefinitions() helper. Avoid direct use.
-
-From 2631e20bf8adc2102ba039baf86c1c64c158431f Mon Sep 17 00:00:00 2001
-From: Amos Jeffries
-Date: Wed, 14 Feb 2024 03:58:47 +1300
-Subject: [PATCH 3/4] =?UTF-8?q?Fix=20error:=20=E2=80=98void*=20calloc(size?=
- =?UTF-8?q?=5Ft,=20size=5Ft)=E2=80=99=20sizes?=
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-... specified with ‘sizeof’ in the earlier argument
-and not in the later argument [-Werror=calloc-transposed-args]
----
- src/auth/basic/LDAP/basic_ldap_auth.cc | 2 +-
- src/auth/digest/eDirectory/edir_ldapext.cc | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/auth/basic/LDAP/basic_ldap_auth.cc b/src/auth/basic/LDAP/basic_ldap_auth.cc
-index 4d9a78574cb..f79a5b88984 100644
---- a/src/auth/basic/LDAP/basic_ldap_auth.cc
-+++ b/src/auth/basic/LDAP/basic_ldap_auth.cc
-@@ -795,7 +795,7 @@ readSecret(const char *filename)
- if ((e = strrchr(buf, '\r')))
- *e = 0;
- 
-- passwd = (char *) calloc(sizeof(char), strlen(buf) + 1);
-+ passwd = static_cast(calloc(strlen(buf) + 1, sizeof(char)));
- if (!passwd) {
- fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
- exit(EXIT_FAILURE);
-diff --git a/src/auth/digest/eDirectory/edir_ldapext.cc b/src/auth/digest/eDirectory/edir_ldapext.cc
-index f34341c912c..13e7daca67b 100644
---- a/src/auth/digest/eDirectory/edir_ldapext.cc
-+++ b/src/auth/digest/eDirectory/edir_ldapext.cc
-@@ -69,7 +69,7 @@
- 
- #define NMAS_LDAP_EXT_VERSION 1
- 
--#define SMB_MALLOC_ARRAY(type, nelem) calloc(sizeof(type), nelem)
-+#define SMB_MALLOC_ARRAY(type, nelem) calloc(nelem, sizeof(type))
- #define DEBUG(level, args)
- 
- /**********************************************************************
-
-From 535606d99e04f3479af07c471768af688ff790cb Mon Sep 17 00:00:00 2001
-From: Amos Jeffries
-Date: Wed, 14 Feb 2024 05:52:05 +1300
-Subject: [PATCH 4/4] Update src/base/InstanceId.h
-
-Co-authored-by: Alex Rousskov
----
- src/base/InstanceId.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/base/InstanceId.h b/src/base/InstanceId.h
-index c4dd4090b00..d3e2ebb2b2e 100644
---- a/src/base/InstanceId.h
-+++ b/src/base/InstanceId.h
-@@ -49,7 +49,7 @@ class InstanceId
- typedef ValueType Value; ///< id storage type
- 
- InstanceId() {change();}
-- InstanceId(const InstanceId &); ///< no copying; IDs are unique
-+ InstanceId(InstanceId &&) = delete; // no copying/moving of any kind
- 
- operator Value() const { return value; }
- bool operator ==(const InstanceId &o) const { return value == o.value; }
diff --git a/squid.spec b/squid.spec
index f90afe8..ecf3f0a 100644
--- a/squid.spec
+++ b/squid.spec
@@ -1,8 +1,8 @@
 %define __perl_requires %{SOURCE98}
 
 Name: squid
-Version: 6.7
-Release: 2%{?dist}
+Version: 6.10
+Release: 1%{?dist}
 Summary: The Squid proxy caching server
 Epoch: 7
 # See CREDITS for breakdown of non GPLv2+ code
@@ -38,8 +38,6 @@ Patch203: squid-6.1-perlpath.patch
 Patch204: squid-6.1-symlink-lang-err.patch
 # Upstream PR: https://github.com/squid-cache/squid/pull/1442
 Patch205: squid-6.1-crash-half-closed.patch
-# https://github.com/squid-cache/squid/pull/1673
-Patch206: squid-6.7-gcc-14.patch
 
 # cache_swap.sh
 Requires: bash gawk
@@ -326,6 +324,11 @@ fi
 
 
 %changelog
+* Mon Jul 01 2024 Luboš Uhliarik - 7:6.10-1
+- new version 6.10
+- Resolves: RHEL-45048 - squid: Out-of-bounds write error may lead to Denial of
+ Service (CVE-2024-37894)
+
 * Mon Jun 24 2024 Troy Dawson - 7:6.7-2
 - Bump release for June 2024 mass rebuild
 
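Review bot: Dropping `Patch206: squid-6.7-gcc-14.patch` from the preamble is only half the cleanup if %prep applies patches by number (`%patch206 -p1` or `%patch -P 206`); that section is outside this hunk, so confirm no reference to Patch206 survives, otherwise rpmbuild fails on the now-missing file (with `%autosetup`/`%autopatch` nothing further is needed). The removed comment pointed at upstream PR 1673, and the deleted patch file carried its four gcc-14 build fixes; the commit body and the new changelog entry say nothing about why the patch can go, which presumably is that 6.10 already contains those changes — worth a line such as `- drop squid-6.7-gcc-14.patch (upstream PR 1673, merged before 6.10)` in the changelog entry so the next rebase does not have to rediscover it. The same hedge applies to the CVE-2024-37894 claim in the entry: the diff shows only the version bump, so the fix being in the 6.10 tarball is asserted by the message rather than visible here.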