bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks

CVE-1999-0710 cachemgr malicious use
This commit is contained in:
fenlason 2005-05-12 15:00:28 +00:00
parent 008f5aeff3
commit a319e6ab7a

View File

@ -5,7 +5,7 @@
Summary: The Squid proxy caching server. Summary: The Squid proxy caching server.
Name: squid Name: squid
Version: 2.5.STABLE9 Version: 2.5.STABLE9
Release: 4 Release: 6
Epoch: 7 Epoch: 7
License: GPL License: GPL
Group: System Environment/Daemons Group: System Environment/Daemons
@ -49,8 +49,19 @@ Patch126: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-debu
Patch127: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-transparent_port.patch Patch127: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-transparent_port.patch
Patch128: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-squid_k_nohostname.patch Patch128: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-squid_k_nohostname.patch
Patch129: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-config_CRLF.patch Patch129: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-config_CRLF.patch
Patch130: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-forwardcc.patch
Patch131: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-authinfo.patch
Patch132: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-chroot_pidfile.patch
Patch133: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-cachemgr_conf.patch
Patch134: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-aufs_improvement.patch
Patch135: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9_2GB-hot_cache.patch
Patch136: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-diskd.patch
Patch137: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-snmp.patch
Patch138: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-arpacl.patch
Patch139: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-dstdomain_ip.patch
Patch140: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-dns_query-4.patch
Patch141: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-2GB_assert.patch
Patch142: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-always_direct_documentation.patch
# Local patches # Local patches
# Applying upstream patches first makes it less likely that local patches # Applying upstream patches first makes it less likely that local patches
@ -113,6 +124,19 @@ lookup program (dnsserver), a program for retrieving FTP data
%patch127 -p1 %patch127 -p1
%patch128 -p1 %patch128 -p1
%patch129 -p1 %patch129 -p1
%patch130 -p1
%patch131 -p1
%patch132 -p1
%patch133 -p1
%patch134 -p1
%patch135 -p1
%patch136 -p1
%patch137 -p1
%patch138 -p1
%patch139 -p1
%patch140 -p1
%patch141 -p1
%patch142 -p1
%patch201 -p1 -b .config %patch201 -p1 -b .config
%patch202 -p1 -b .location %patch202 -p1 -b .location
@ -201,6 +225,7 @@ rm -rf $RPM_BUILD_ROOT
%attr(750,squid,squid) %dir /var/spool/squid %attr(750,squid,squid) %dir /var/spool/squid
%attr(644,root,root) /etc/pam.d/squid %attr(644,root,root) /etc/pam.d/squid
%config(noreplace) %attr(640,root,squid) /etc/squid/squid.conf %config(noreplace) %attr(640,root,squid) /etc/squid/squid.conf
%config(noreplace) %attr(640,root,squid) /etc/squid/cachemgr.conf
%config(noreplace) /etc/squid/mime.conf %config(noreplace) /etc/squid/mime.conf
%config(noreplace) /etc/sysconfig/squid %config(noreplace) /etc/sysconfig/squid
%config(noreplace) /etc/squid/msntauth.conf %config(noreplace) /etc/squid/msntauth.conf
@ -339,6 +364,14 @@ fi
chgrp squid /var/cache/samba/winbindd_privileged > /dev/null 2>& 1 || true chgrp squid /var/cache/samba/winbindd_privileged > /dev/null 2>& 1 || true
%changelog %changelog
* Wed May 11 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-6
- More upstream patches, including a fix for
bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks
* Tue Apr 26 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-5
- more upstream patches, including a fix for
CVE-1999-0710 cachemgr malicious use
* Fri Apr 22 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-4 * Fri Apr 22 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-4
- More upstream patches, including the fixed 2GB patch. - More upstream patches, including the fixed 2GB patch.
- include the -libbind patch, which prevents squid from using the optional - include the -libbind patch, which prevents squid from using the optional