bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks
CVE-1999-0710 cachemgr malicious use
This commit is contained in:
parent
008f5aeff3
commit
a319e6ab7a
39
squid.spec
39
squid.spec
@ -5,7 +5,7 @@
|
|||||||
Summary: The Squid proxy caching server.
|
Summary: The Squid proxy caching server.
|
||||||
Name: squid
|
Name: squid
|
||||||
Version: 2.5.STABLE9
|
Version: 2.5.STABLE9
|
||||||
Release: 4
|
Release: 6
|
||||||
Epoch: 7
|
Epoch: 7
|
||||||
License: GPL
|
License: GPL
|
||||||
Group: System Environment/Daemons
|
Group: System Environment/Daemons
|
||||||
@ -49,8 +49,19 @@ Patch126: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-debu
|
|||||||
Patch127: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-transparent_port.patch
|
Patch127: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-transparent_port.patch
|
||||||
Patch128: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-squid_k_nohostname.patch
|
Patch128: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-squid_k_nohostname.patch
|
||||||
Patch129: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-config_CRLF.patch
|
Patch129: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-config_CRLF.patch
|
||||||
|
Patch130: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-forwardcc.patch
|
||||||
|
Patch131: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-authinfo.patch
|
||||||
|
Patch132: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-chroot_pidfile.patch
|
||||||
|
Patch133: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-cachemgr_conf.patch
|
||||||
|
Patch134: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-aufs_improvement.patch
|
||||||
|
Patch135: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9_2GB-hot_cache.patch
|
||||||
|
Patch136: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-diskd.patch
|
||||||
|
Patch137: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-snmp.patch
|
||||||
|
Patch138: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-arpacl.patch
|
||||||
|
Patch139: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-dstdomain_ip.patch
|
||||||
|
Patch140: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-dns_query-4.patch
|
||||||
|
Patch141: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-2GB_assert.patch
|
||||||
|
Patch142: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-always_direct_documentation.patch
|
||||||
|
|
||||||
# Local patches
|
# Local patches
|
||||||
# Applying upstream patches first makes it less likely that local patches
|
# Applying upstream patches first makes it less likely that local patches
|
||||||
@ -113,6 +124,19 @@ lookup program (dnsserver), a program for retrieving FTP data
|
|||||||
%patch127 -p1
|
%patch127 -p1
|
||||||
%patch128 -p1
|
%patch128 -p1
|
||||||
%patch129 -p1
|
%patch129 -p1
|
||||||
|
%patch130 -p1
|
||||||
|
%patch131 -p1
|
||||||
|
%patch132 -p1
|
||||||
|
%patch133 -p1
|
||||||
|
%patch134 -p1
|
||||||
|
%patch135 -p1
|
||||||
|
%patch136 -p1
|
||||||
|
%patch137 -p1
|
||||||
|
%patch138 -p1
|
||||||
|
%patch139 -p1
|
||||||
|
%patch140 -p1
|
||||||
|
%patch141 -p1
|
||||||
|
%patch142 -p1
|
||||||
|
|
||||||
%patch201 -p1 -b .config
|
%patch201 -p1 -b .config
|
||||||
%patch202 -p1 -b .location
|
%patch202 -p1 -b .location
|
||||||
@ -201,6 +225,7 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%attr(750,squid,squid) %dir /var/spool/squid
|
%attr(750,squid,squid) %dir /var/spool/squid
|
||||||
%attr(644,root,root) /etc/pam.d/squid
|
%attr(644,root,root) /etc/pam.d/squid
|
||||||
%config(noreplace) %attr(640,root,squid) /etc/squid/squid.conf
|
%config(noreplace) %attr(640,root,squid) /etc/squid/squid.conf
|
||||||
|
%config(noreplace) %attr(640,root,squid) /etc/squid/cachemgr.conf
|
||||||
%config(noreplace) /etc/squid/mime.conf
|
%config(noreplace) /etc/squid/mime.conf
|
||||||
%config(noreplace) /etc/sysconfig/squid
|
%config(noreplace) /etc/sysconfig/squid
|
||||||
%config(noreplace) /etc/squid/msntauth.conf
|
%config(noreplace) /etc/squid/msntauth.conf
|
||||||
@ -339,6 +364,14 @@ fi
|
|||||||
chgrp squid /var/cache/samba/winbindd_privileged > /dev/null 2>& 1 || true
|
chgrp squid /var/cache/samba/winbindd_privileged > /dev/null 2>& 1 || true
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed May 11 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-6
|
||||||
|
- More upstream patches, including a fix for
|
||||||
|
bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks
|
||||||
|
|
||||||
|
* Tue Apr 26 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-5
|
||||||
|
- more upstream patches, including a fix for
|
||||||
|
CVE-1999-0710 cachemgr malicious use
|
||||||
|
|
||||||
* Fri Apr 22 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-4
|
* Fri Apr 22 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-4
|
||||||
- More upstream patches, including the fixed 2GB patch.
|
- More upstream patches, including the fixed 2GB patch.
|
||||||
- include the -libbind patch, which prevents squid from using the optional
|
- include the -libbind patch, which prevents squid from using the optional
|
||||||
|
Loading…
Reference in New Issue
Block a user