aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2018-02-28 13:16:53 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2018-02-28 13:28:05 +0000
commit034cdecfa97d19069fbd8c757be0bca3b7096645 (patch)
treeae64e24595030bb3f2c3fe0ff6bfda6a326aa9e0
parentb844828751639ed6678a815bc7b40b9508ee8e0b (diff)
downloadaports-034cdecfa97d19069fbd8c757be0bca3b7096645.tar.bz2
aports-034cdecfa97d19069fbd8c757be0bca3b7096645.tar.xz
main/squid: security upgrade to 3.5.27
-rw-r--r--main/squid/APKBUILD19
-rw-r--r--main/squid/bug-3679.patch10
2 files changed, 16 insertions, 13 deletions
diff --git a/main/squid/APKBUILD b/main/squid/APKBUILD
index 72181ae5fe..c9cf958ea4 100644
--- a/main/squid/APKBUILD
+++ b/main/squid/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=squid
-pkgver=3.5.23
+pkgver=3.5.27
pkgrel=0
pkgdesc="A full-featured Web proxy cache server."
url="http://www.squid-cache.org"
@@ -29,6 +29,11 @@ source="http://www.squid-cache.org/Versions/v3/${pkgver%.*}/squid-${pkgver}.tar.
$pkgname.logrotate
"
+# secfixes:
+# 3.5.27-r0:
+# - CVE-2018-1000024
+# - CVE-2018-1000027
+
_builddir="$srcdir"/$pkgname-$pkgver
# secfixes:
@@ -114,18 +119,18 @@ squid_kerb_auth() {
install -d "$subpkgdir"/usr/lib/squid
mv "$pkgdir"/usr/lib/squid/squid_kerb_auth "$subpkgdir"/usr/lib/squid/
}
-md5sums="9b68f689e3d9578932b9c6a4041037c2 squid-3.5.23.tar.xz
-9e71076799d334faba6f4954594e7b4a bug-3679.patch
+md5sums="39ef8199675d48a314b540f92c00c545 squid-3.5.27.tar.xz
+6b3a71eb03818feec3db1f81732cd46e bug-3679.patch
4e42690c129399c84cbe36ab0c538615 squid.initd
73db59e6c1c242dbc748feeb116650e0 squid.confd
58823e0b86bc2dc71d270208b7b284b4 squid.logrotate"
-sha256sums="fa4c0c99f41e92fe1330bed3968d176c6f47ef2e3aea2f83977d5501afa40bdb squid-3.5.23.tar.xz
-6b08cd129ea5fef019c78f1818c628e1070fe767e362da14844396b671f5a18d bug-3679.patch
+sha256sums="5ddb4367f2dc635921f9ca7a59d8b87edb0412fa203d1543393ac3c7f9fef0ec squid-3.5.27.tar.xz
+d6742a296602fe5583b999032ece12292301913ddad8d3a650a82ae6f0dd7bed bug-3679.patch
fe33fa90b860437867bd2c1b083c0e77a6478f63e8998f093c0d466476df4a9b squid.initd
4012fc97d7ab653c8a73c4dac09751de80c847a90ee2483ddd41a04168cdeb2b squid.confd
b6efdb3261c2e4b5074ef49160af8b96e65f934c7fd64b8954df48aa41cd9b67 squid.logrotate"
-sha512sums="3f2b3df60fc0b2aab3d0d9e3489832d60d0aac8222f09ad2ff6afb95202b904f41f6530d713e7ce446c6f62b66f0cd792a6b12005d43c53fe68d2371f9caa880 squid-3.5.23.tar.xz
-b477397f205ba207502a42aae674c85cad85eec831158ea0834361d98ef09a0f103d7a847e101bdd0ece73bbdda9b545960edd5385042bd593733810977e292a bug-3679.patch
+sha512sums="4172a053c3b7ffe7a12dfb3febac96942d0fbbe7e98e3f797f22cd75b0a3a89cbbfe7260b5daad099e79d5e9303bb5dfbfee7499cb30a90590aa1bd242ff4817 squid-3.5.27.tar.xz
+a403573bf3d3d600f7a1ff8639f0f48ac45963b028c7aa09e00f95173b7a9d46c42c21a609d987a18869d850a4be0537c3dc0d0f10398b67509b2a43ccf81776 bug-3679.patch
15d95f7d787be8c2e6619ef1661fd8aae8d2c1ede706748764644c7dc3d7c34515ef6e8b7543295fddc4e767bbd74a7cf8c42e77cf60b3d574ff11b3f6e336c9 squid.initd
7292661de344e8a87d855c83afce49511685d2680effab3afab110e45144c0117935f3bf73ab893c9e6d43f7fb5ba013635e24f6da6daf0eeb895ef2e9b5baa9 squid.confd
89a703fa4f21b6c7c26e64a46fd52407e20f00c34146ade0bea0c4b63d050117c0f8e218f2256a1fbf6abb84f4ec9b0472c9a4092ff6e78f07c4f5a25d0892a5 squid.logrotate"
diff --git a/main/squid/bug-3679.patch b/main/squid/bug-3679.patch
index b718093817..3f4d54de38 100644
--- a/main/squid/bug-3679.patch
+++ b/main/squid/bug-3679.patch
@@ -1,15 +1,13 @@
http://bugs.squid-cache.org/show_bug.cgi?id=3679
-diff --git a/src/external_acl.cc b/src/external_acl.cc
-index b3821c5..d6c4338 100644
--- a/src/external_acl.cc
+++ b/src/external_acl.cc
-@@ -1152,7 +1152,7 @@ external_acl_entry_expired(external_acl * def, external_acl_entry * entry)
- if (def->cache_size <= 0)
+@@ -1243,7 +1243,7 @@
+ if (def->cache_size <= 0 || entry->result == ACCESS_DUNNO)
return 1;
-- if (entry->date + (entry->result == 1 ? def->ttl : def->negative_ttl) < squid_curtime)
-+ if (entry->date + (entry->result == 1 ? def->ttl : def->negative_ttl) <= squid_curtime)
+- if (entry->date + (entry->result == ACCESS_ALLOWED ? def->ttl : def->negative_ttl) < squid_curtime)
++ if (entry->date + (entry->result == ACCESS_ALLOWED ? def->ttl : def->negative_ttl) <= squid_curtime)
return 1;
else
return 0;