Upgrade rawhide too.

squid.spec

@@ -5,7 +5,7 @@
 Summary: The Squid proxy caching server.
 Name: squid
 Version: 2.5.STABLE7
-Release: 3
+Release: 4
 Epoch: 7
 License: GPL
 Group: System Environment/Daemons
@@ -47,6 +47,8 @@ Patch119: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-http
 Patch120: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-ftp_datachannel.patch
 Patch121: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-short_icons_urls.patch
 Patch122: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-response_splitting.patch
+Patch123: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_buffer_overflow.patch
+Patch124: http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
 Prereq: /sbin/chkconfig logrotate shadow-utils
@@ -98,6 +100,8 @@ lookup program (dnsserver), a program for retrieving FTP data
 %patch120 -p1
 %patch121 -p1
 %patch122 -p1
+%patch123 -p1
+%patch124 -p1
 
 %build
  export CFLAGS="-fPIE -Os -g -pipe -fsigned-char" ; export LDFLAGS=-pie ;
@@ -317,6 +321,11 @@ fi
 chgrp squid /var/cache/samba/winbindd_privileged > /dev/null 2>& 1 || true
 
 %changelog
+* Tue Feb 1 2005 Jay Fenlason <fenlason@redhat.com: 7:2.5.STABLE7-4
+- Include two more upstream patches for security vulns:
+  bz#146783 Correct handling of oversized reply headers
+  bz#146778 CAN-2005-0211 Buffer overflow in WCCP recvfrom() call
+
 * Tue Jan 25 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE7-3
 - Include more upstream patches, including two for security holes.