From 97c88c41b5186a1ecf59782fba9cbd0d79484847 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lubo=C5=A1=20Uhliarik?= Date: Tue, 28 Apr 2026 14:59:26 +0200 Subject: [PATCH] Resolves: RHEL-157474 - squid should use systemd-tmpfiles to create directories under /var/ --- squid.spec | 19 ++++++++++--------- squid.tmpfiles | 3 +++ 2 files changed, 13 insertions(+), 9 deletions(-) create mode 100644 squid.tmpfiles diff --git a/squid.spec b/squid.spec index 4c2096f..3e20def 100644 --- a/squid.spec +++ b/squid.spec @@ -2,7 +2,7 @@ Name: squid Version: 6.10 -Release: 12%{?dist} +Release: 13%{?dist} Summary: The Squid proxy caching server Epoch: 7 # See CREDITS for breakdown of non GPLv2+ code @@ -19,6 +19,7 @@ Source6: squid.nm Source7: squid.service Source8: cache_swap.sh Source9: squid.sysusers +Source10: squid.tmpfiles Source98: perl-requires-squid.sh @@ -216,14 +217,6 @@ mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/spool/squid mkdir -p $RPM_BUILD_ROOT/run/squid chmod 644 contrib/url-normalizer.pl contrib/user-agents.pl -# install /usr/lib/tmpfiles.d/squid.conf -mkdir -p ${RPM_BUILD_ROOT}%{_tmpfilesdir} -cat > ${RPM_BUILD_ROOT}%{_tmpfilesdir}/squid.conf < - 7:6.10-13 +- Resolves: RHEL-157474 - squid should use systemd-tmpfiles to create + directories under /var/ + * Wed Apr 22 2026 Luboš Uhliarik - 7:6.10-12 - Resolves: RHEL-160670 - squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling (CVE-2026-33526) diff --git a/squid.tmpfiles b/squid.tmpfiles new file mode 100644 index 0000000..14323da --- /dev/null +++ b/squid.tmpfiles @@ -0,0 +1,3 @@ +d /run/squid 0755 squid squid - - +d /var/log/squid 0770 squid root - - +d /var/spool/squid 0750 squid squid - -