From 6925791e4002ad8f93349268016c5e669e27844f Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jan 11 2021 01:50:59 +0000 Subject: import squid-4.11-4.module+el8.4.0+9038+276d2d9f --- diff --git a/SOURCES/squid-4.11-cache-mgr-auth-strdup.patch b/SOURCES/squid-4.11-cache-mgr-auth-strdup.patch new file mode 100644 index 0000000..88c903e --- /dev/null +++ b/SOURCES/squid-4.11-cache-mgr-auth-strdup.patch @@ -0,0 +1,27 @@ +diff --git a/tools/cachemgr.cc b/tools/cachemgr.cc +index 36d8e38..50bb9b6 100644 +--- a/tools/cachemgr.cc ++++ b/tools/cachemgr.cc +@@ -1092,14 +1092,20 @@ make_pub_auth(cachemgr_request * req) + if (!req->passwd || !strlen(req->passwd)) + return; + ++ auto *rfc1738_username = xstrdup(rfc1738_escape(safe_str(req->user_name))); ++ auto *rfc1738_passwd = xstrdup(rfc1738_escape(req->passwd)); ++ + /* host | time | user | passwd */ + const int bufLen = snprintf(buf, sizeof(buf), "%s|%d|%s|%s", + req->hostname, + (int) now, +- rfc1738_escape(safe_str(req->user_name)), +- rfc1738_escape(req->passwd)); ++ rfc1738_username, ++ rfc1738_passwd); + debug("cmgr: pre-encoded for pub: %s\n", buf); + ++ safe_free(rfc1738_username); ++ safe_free(rfc1738_passwd); ++ + const int encodedLen = base64_encode_len(bufLen); + req->pub_auth = (char *) xmalloc(encodedLen); + struct base64_encode_ctx ctx; diff --git a/SPECS/squid.spec b/SPECS/squid.spec index 597f1a1..af20506 100644 --- a/SPECS/squid.spec +++ b/SPECS/squid.spec @@ -2,7 +2,7 @@ Name: squid Version: 4.11 -Release: 3%{?dist} +Release: 4%{?dist} Summary: The Squid proxy caching server Epoch: 7 # See CREDITS for breakdown of non GPLv2+ code @@ -36,6 +36,8 @@ Patch206: squid-4.11-active-ftp.patch # https://github.com/squid-cache/squid/commit/c26cd1cb6a60ff196ef13c00e82576d3bfeb2e30 Patch207: squid-4.11-systemd.patch Patch208: squid-4.11-convert-ipv4.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1890606 +Patch209: squid-4.11-cache-mgr-auth-strdup.patch # Security fixes # https://bugzilla.redhat.com/show_bug.cgi?id=1852554 @@ -109,6 +111,7 @@ lookup program (dnsserver), a program for retrieving FTP data %patch206 -p1 -b .active-ftp %patch207 -p1 -b .systemd %patch208 -p1 -R -b .convert-ipv4 +%patch209 -p1 -b .cachemgr-strdup # Security patches %patch500 -p1 -b .cve-2020-14058 @@ -332,6 +335,10 @@ fi %changelog +* Mon Oct 26 2020 Lubos Uhliarik - 7:4.11-4 +- Resolves: #1890606 - Fix for CVE 2019-13345 breaks authentication in + cachemgr.cgi + * Wed Aug 26 2020 Lubos Uhliarik - 7:4.11-3 - Resolves: #1871705 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS