* [PATCH] squid: Update to 6.6 @ 2023-12-09 7:56 Matthias Fischer 2023-12-09 22:05 ` Adolf Belka 0 siblings, 1 reply; 5+ messages in thread From: Matthias Fischer @ 2023-12-09 7:56 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 889 bytes --] For details see: https://github.com/squid-cache/squid/commits/v6 Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> --- lfs/squid | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/squid b/lfs/squid index d92341794..c0f465c16 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@ include Config -VER = 6.5 +VER = 6.6 THISAPP = squid-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -46,7 +46,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 91ed91f9b0f56f440a7f15a63bbc3e19537b60bc8b31b5bf7e16884367d0da060c5490e1721dbd7c5fce7f4a4e958fb3554d6bdc5b55f568598f907722b651de +$(DL_FILE)_BLAKE2 = 7c3c96f5cd5f819f6f020fb3e63ee8d9bb26b7fb4ff4405d7963a643c6766344e6492505bc1b33f3040ad800b3d7a3ad6a4b067b031ac4d178ddcac04c6e74dc install : $(TARGET) -- 2.34.1 ^ permalink raw reply [flat|nested] 5+ messages in thread
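Review bot: The commit message that goes with the `VER = 6.5` to `VER = 6.6` change in the first hunk of lfs/squid only links to the upstream commit log, so the log does not record what the update fixes. Suggest adding a short summary of the relevant upstream changes to the message; later in this thread the update is justified by CVE-2023-50269, and that belongs in the commit itself rather than in a follow-up mail.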
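Review bot: In the second hunk the replaced `$(DL_FILE)_BLAKE2` line is the only integrity value visible for squid-6.6.tar.xz, and neither the hunk nor the commit message says how the new digest was obtained. Suggest stating in the message where the tarball was fetched from and that it was checked against whatever checksum or signature upstream publishes before the BLAKE2 value was computed, so a reviewer can reproduce the value instead of taking it on trust.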
* Re: [PATCH] squid: Update to 6.6 2023-12-09 7:56 [PATCH] squid: Update to 6.6 Matthias Fischer @ 2023-12-09 22:05 ` Adolf Belka 2023-12-11 19:41 ` Michael Tremer 0 siblings, 1 reply; 5+ messages in thread From: Adolf Belka @ 2023-12-09 22:05 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1047 bytes --] Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org> On 09/12/2023 08:56, Matthias Fischer wrote: > For details see: > https://github.com/squid-cache/squid/commits/v6 > > Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> > --- > lfs/squid | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/lfs/squid b/lfs/squid > index d92341794..c0f465c16 100644 > --- a/lfs/squid > +++ b/lfs/squid > @@ -24,7 +24,7 @@ > > include Config > > -VER = 6.5 > +VER = 6.6 > > THISAPP = squid-$(VER) > DL_FILE = $(THISAPP).tar.xz > @@ -46,7 +46,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_BLAKE2 = 91ed91f9b0f56f440a7f15a63bbc3e19537b60bc8b31b5bf7e16884367d0da060c5490e1721dbd7c5fce7f4a4e958fb3554d6bdc5b55f568598f907722b651de > +$(DL_FILE)_BLAKE2 = 7c3c96f5cd5f819f6f020fb3e63ee8d9bb26b7fb4ff4405d7963a643c6766344e6492505bc1b33f3040ad800b3d7a3ad6a4b067b031ac4d178ddcac04c6e74dc > > install : $(TARGET) > ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid: Update to 6.6 2023-12-09 22:05 ` Adolf Belka @ 2023-12-11 19:41 ` Michael Tremer 2023-12-19 18:20 ` Matthias Fischer 0 siblings, 1 reply; 5+ messages in thread From: Michael Tremer @ 2023-12-11 19:41 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1376 bytes --] Thank you for the patch and review. Is there any urgency here to include this in the update that is currently in testing? Considering that latest history of vulnerabilities in squid, I am happy to ship any fixes as soon as possible. -Michael > On 9 Dec 2023, at 22:05, Adolf Belka <adolf.belka(a)ipfire.org> wrote: > > Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org> > > On 09/12/2023 08:56, Matthias Fischer wrote: >> For details see: >> https://github.com/squid-cache/squid/commits/v6 >> >> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> >> --- >> lfs/squid | 4 ++-- >> 1 file changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/lfs/squid b/lfs/squid >> index d92341794..c0f465c16 100644 >> --- a/lfs/squid >> +++ b/lfs/squid >> @@ -24,7 +24,7 @@ >> include Config >> -VER = 6.5 >> +VER = 6.6 >> THISAPP = squid-$(VER) >> DL_FILE = $(THISAPP).tar.xz >> @@ -46,7 +46,7 @@ objects = $(DL_FILE) >> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >> -$(DL_FILE)_BLAKE2 = 91ed91f9b0f56f440a7f15a63bbc3e19537b60bc8b31b5bf7e16884367d0da060c5490e1721dbd7c5fce7f4a4e958fb3554d6bdc5b55f568598f907722b651de >> +$(DL_FILE)_BLAKE2 = 7c3c96f5cd5f819f6f020fb3e63ee8d9bb26b7fb4ff4405d7963a643c6766344e6492505bc1b33f3040ad800b3d7a3ad6a4b067b031ac4d178ddcac04c6e74dc >> install : $(TARGET) >> ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid: Update to 6.6 2023-12-11 19:41 ` Michael Tremer @ 2023-12-19 18:20 ` Matthias Fischer 2023-12-20 10:59 ` Michael Tremer 0 siblings, 1 reply; 5+ messages in thread From: Matthias Fischer @ 2023-12-19 18:20 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 2132 bytes --] Hi, I would recommend updating squid as soon as possible because of CVE-2023-50269. => https://nvd.nist.gov/vuln/detail/CVE-2023-50269 "...Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6..." As far as I can see, we don't use this feature, but... ;-) Jm2c, Matthias On 11.12.2023 20:41, Michael Tremer wrote: > Thank you for the patch and review. > > Is there any urgency here to include this in the update that is currently in testing? Considering that latest history of vulnerabilities in squid, I am happy to ship any fixes as soon as possible. > > -Michael > >> On 9 Dec 2023, at 22:05, Adolf Belka <adolf.belka(a)ipfire.org> wrote: >> >> Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org> >> >> On 09/12/2023 08:56, Matthias Fischer wrote: >>> For details see: >>> https://github.com/squid-cache/squid/commits/v6 >>> >>> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> >>> --- >>> lfs/squid | 4 ++-- >>> 1 file changed, 2 insertions(+), 2 deletions(-) >>> >>> diff --git a/lfs/squid b/lfs/squid >>> index d92341794..c0f465c16 100644 >>> --- a/lfs/squid >>> +++ b/lfs/squid >>> @@ -24,7 +24,7 @@ >>> include Config >>> -VER = 6.5 >>> +VER = 6.6 >>> THISAPP = squid-$(VER) >>> DL_FILE = $(THISAPP).tar.xz 
>>> @@ -46,7 +46,7 @@ objects = $(DL_FILE) >>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >>> -$(DL_FILE)_BLAKE2 = 91ed91f9b0f56f440a7f15a63bbc3e19537b60bc8b31b5bf7e16884367d0da060c5490e1721dbd7c5fce7f4a4e958fb3554d6bdc5b55f568598f907722b651de >>> +$(DL_FILE)_BLAKE2 = 7c3c96f5cd5f819f6f020fb3e63ee8d9bb26b7fb4ff4405d7963a643c6766344e6492505bc1b33f3040ad800b3d7a3ad6a4b067b031ac4d178ddcac04c6e74dc >>> install : $(TARGET) >>> > ^ permalink raw reply [flat|nested] 5+ messages in thread
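Added example (not part of the thread and not IPFire or Squid code): a triage check for the advisory quoted in the message above, combining the affected version ranges from the NVD text with a scan of a squid.conf for active `follow_x_forwarded_for allow` rules. Treating an `allow` rule as "feature configured" is an assumption, and the sample configuration is constructed.

```python
import re

# Affected ranges as quoted from the NVD entry in the message above.
AFFECTED = [("2.6", "2.7.STABLE9"), ("3.1", "5.9"), ("6.0.1", "6.5")]

# Constructed sample configuration, not IPFire's real squid.conf.
SAMPLE_CONF = """\
acl localnet src 192.168.0.0/16
acl frontend src 192.168.1.10
#follow_x_forwarded_for allow all
follow_x_forwarded_for allow frontend
follow_x_forwarded_for deny all
http_port 3128
"""

def version_key(version):
    """Numeric sort key: '2.7.STABLE9' -> (2, 7, 9), '6.5' -> (6, 5)."""
    return tuple(int(n) for n in re.findall(r"\d+", version))

def version_affected(version):
    """True if the version falls inside one of the quoted ranges."""
    v = version_key(version)
    return any(version_key(lo) <= v <= version_key(hi) for lo, hi in AFFECTED)

def xff_allow_rules(conf_text):
    """Return (line_no, rule) for each active follow_x_forwarded_for allow rule."""
    hits = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if fields[:1] == ["follow_x_forwarded_for"] and fields[1:2] == ["allow"]:
            hits.append((no, line))
    return hits

def triage(version, conf_text):
    """Combine both checks. Assumption: an allow rule means the feature is configured."""
    rules = xff_allow_rules(conf_text)
    if not version_affected(version):
        return "version not in affected range", rules
    if rules:
        return "exposed", rules
    return "affected version, feature not configured", rules

if __name__ == "__main__":
    for ver in ("6.5", "6.6"):
        print(ver, triage(ver, SAMPLE_CONF))
```
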
* Re: [PATCH] squid: Update to 6.6 2023-12-19 18:20 ` Matthias Fischer @ 2023-12-20 10:59 ` Michael Tremer 0 siblings, 0 replies; 5+ messages in thread From: Michael Tremer @ 2023-12-20 10:59 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 2388 bytes --] Right, rather be safe than sorry. I applied this patch to master. Thanks! -Michael > On 19 Dec 2023, at 18:20, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote: > > Hi, > > I would recommend updating squid as soon as possible because of > CVE-2023-50269. > > => https://nvd.nist.gov/vuln/detail/CVE-2023-50269 > > "...Due to an Uncontrolled Recursion bug in versions 2.6 through > 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, > Squid may be vulnerable to a Denial of Service attack against HTTP > Request parsing. This problem allows a remote client to perform Denial > of Service attack by sending a large X-Forwarded-For header when the > follow_x_forwarded_for feature is configured. This bug is fixed by Squid > version 6.6..." > > As far as I can see, we don't use this feature, but... ;-) > > Jm2c, > Matthias > > On 11.12.2023 20:41, Michael Tremer wrote: >> Thank you for the patch and review. >> >> Is there any urgency here to include this in the update that is currently in testing? Considering that latest history of vulnerabilities in squid, I am happy to ship any fixes as soon as possible. >> >> -Michael >> >>> On 9 Dec 2023, at 22:05, Adolf Belka <adolf.belka(a)ipfire.org> wrote: >>> >>> Reviewed-by: Adolf Belka <adolf.belka(a)ipfire.org> >>> >>> On 09/12/2023 08:56, Matthias Fischer wrote: >>>> For details see: >>>> https://github.com/squid-cache/squid/commits/v6 >>>> >>>> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org> >>>> --- >>>> lfs/squid | 4 ++-- >>>> 1 file changed, 2 insertions(+), 2 deletions(-) >>>> >>>> diff --git a/lfs/squid b/lfs/squid >>>> index d92341794..c0f465c16 100644 >>>> --- a/lfs/squid >>>> +++ b/lfs/squid 
>>>> @@ -24,7 +24,7 @@ >>>> include Config >>>> -VER = 6.5 >>>> +VER = 6.6 >>>> THISAPP = squid-$(VER) >>>> DL_FILE = $(THISAPP).tar.xz >>>> @@ -46,7 +46,7 @@ objects = $(DL_FILE) >>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >>>> -$(DL_FILE)_BLAKE2 = 91ed91f9b0f56f440a7f15a63bbc3e19537b60bc8b31b5bf7e16884367d0da060c5490e1721dbd7c5fce7f4a4e958fb3554d6bdc5b55f568598f907722b651de >>>> +$(DL_FILE)_BLAKE2 = 7c3c96f5cd5f819f6f020fb3e63ee8d9bb26b7fb4ff4405d7963a643c6766344e6492505bc1b33f3040ad800b3d7a3ad6a4b067b031ac4d178ddcac04c6e74dc >>>> install : $(TARGET) >>>> >> > ^ permalink raw reply [flat|nested] 5+ messages in thread