From a319e6ab7a6489dad244f243be9b594170641adb Mon Sep 17 00:00:00 2001 From: fenlason Date: Thu, 12 May 2005 15:00:28 +0000 Subject: [PATCH] bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks CVE-1999-0710 cachemgr malicious use --- squid.spec | 39 ++++++++++++++++++++++++++++++++++++--- 1 file changed, 36 insertions(+), 3 deletions(-) diff --git a/squid.spec b/squid.spec index a34f5c3..06c2ced 100644 --- a/squid.spec +++ b/squid.spec @@ -5,7 +5,7 @@ Summary: The Squid proxy caching server. Name: squid Version: 2.5.STABLE9 -Release: 4 +Release: 6 Epoch: 7 License: GPL Group: System Environment/Daemons @@ -49,8 +49,19 @@ Patch126: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-debu Patch127: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-transparent_port.patch Patch128: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-squid_k_nohostname.patch Patch129: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-config_CRLF.patch - - +Patch130: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-forwardcc.patch +Patch131: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-authinfo.patch +Patch132: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-chroot_pidfile.patch +Patch133: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-cachemgr_conf.patch +Patch134: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-aufs_improvement.patch +Patch135: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9_2GB-hot_cache.patch +Patch136: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-diskd.patch +Patch137: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-snmp.patch +Patch138: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-arpacl.patch +Patch139: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-dstdomain_ip.patch +Patch140: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-dns_query-4.patch +Patch141: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-2GB_assert.patch +Patch142: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-always_direct_documentation.patch # Local patches # Applying upstream patches first makes it less likely that local patches @@ -113,6 +124,19 @@ lookup program (dnsserver), a program for retrieving FTP data %patch127 -p1 %patch128 -p1 %patch129 -p1 +%patch130 -p1 +%patch131 -p1 +%patch132 -p1 +%patch133 -p1 +%patch134 -p1 +%patch135 -p1 +%patch136 -p1 +%patch137 -p1 +%patch138 -p1 +%patch139 -p1 +%patch140 -p1 +%patch141 -p1 +%patch142 -p1 %patch201 -p1 -b .config %patch202 -p1 -b .location @@ -201,6 +225,7 @@ rm -rf $RPM_BUILD_ROOT %attr(750,squid,squid) %dir /var/spool/squid %attr(644,root,root) /etc/pam.d/squid %config(noreplace) %attr(640,root,squid) /etc/squid/squid.conf +%config(noreplace) %attr(640,root,squid) /etc/squid/cachemgr.conf %config(noreplace) /etc/squid/mime.conf %config(noreplace) /etc/sysconfig/squid %config(noreplace) /etc/squid/msntauth.conf @@ -339,6 +364,14 @@ fi chgrp squid /var/cache/samba/winbindd_privileged > /dev/null 2>& 1 || true %changelog +* Wed May 11 2005 Jay Fenlason 7:2.5.STABLE9-6 +- More upstream patches, including a fix for + bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks + +* Tue Apr 26 2005 Jay Fenlason 7:2.5.STABLE9-5 +- more upstream patches, including a fix for + CVE-1999-0710 cachemgr malicious use + * Fri Apr 22 2005 Jay Fenlason 7:2.5.STABLE9-4 - More upstream patches, including the fixed 2GB patch. - include the -libbind patch, which prevents squid from using the optional