diff --git a/.gitignore b/.gitignore index 6b8f17c..8afdad0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ SOURCES/pgp.asc -SOURCES/squid-5.2.tar.xz +SOURCES/squid-5.5.tar.xz diff --git a/.squid.metadata b/.squid.metadata index c73edd4..2b3e869 100644 --- a/.squid.metadata +++ b/.squid.metadata @@ -1,2 +1,2 @@ 8e3de63f3bef0c9c4edbcfe000c567119f687143 SOURCES/pgp.asc -0568a55c8bf20fbcbfadf126347f3e790945e5d2 SOURCES/squid-5.2.tar.xz +42302bd9b8feff851a41420334cb8eaeab2806ab SOURCES/squid-5.5.tar.xz diff --git a/SOURCES/squid-3.0.STABLE1-perlpath.patch b/SOURCES/squid-3.0.STABLE1-perlpath.patch index 9cb5e81..d927e43 100644 --- a/SOURCES/squid-3.0.STABLE1-perlpath.patch +++ b/SOURCES/squid-3.0.STABLE1-perlpath.patch @@ -6,5 +6,5 @@ index 4cb0480..4b89910 100755 -#!/usr/local/bin/perl -Tw +#!/usr/bin/perl -Tw # - # * Copyright (C) 1996-2021 The Squid Software Foundation and contributors + # * Copyright (C) 1996-2022 The Squid Software Foundation and contributors # * diff --git a/SOURCES/squid-5.0.5-symlink-lang-err.patch b/SOURCES/squid-5.0.5-symlink-lang-err.patch index 29b5e2c..45d6fe9 100644 --- a/SOURCES/squid-5.0.5-symlink-lang-err.patch +++ b/SOURCES/squid-5.0.5-symlink-lang-err.patch @@ -24,18 +24,6 @@ index 7670c88380c..f03c4cf71b4 100644 ro.lang \ - ru.lang + ru.lang -diff --git a/errors/TRANSLATORS b/errors/TRANSLATORS -index e29bf707678..6ee2df637ad 100644 ---- a/errors/TRANSLATORS -+++ b/errors/TRANSLATORS -@@ -21,6 +21,7 @@ and ideas to make Squid available as multi-langual software. - George Machitidze <giomac@gmail.com> - Henrik Nordström - Ivan Masár <helix84@centrum.sk> -+ Javier Pacheco <javier@aex.mx> - John 'Profic' Ustiuzhanin - Leandro Cesar Nardini Frasson - liuyongbing diff --git a/errors/aliases b/errors/aliases index 36f17f4b80f..cf0116f297d 100644 --- a/errors/aliases diff --git a/SOURCES/squid-5.2-CVE-2021-46784.patch b/SOURCES/squid-5.2-CVE-2021-46784.patch deleted file mode 100644 index c2630d3..0000000 
--- a/SOURCES/squid-5.2-CVE-2021-46784.patch
+++ /dev/null
@@ -1,129 +0,0 @@ -From 780c4ea1b4c9d2fb41f6962aa6ed73ae57f74b2b Mon Sep 17 00:00:00 2001 -From: Joshua Rogers <MegaManSec@users.noreply.github.com> -Date: Mon, 18 Apr 2022 13:42:36 +0000 -Subject: [PATCH] Improve handling of Gopher responses (#1022) - ---- - src/gopher.cc | 45 ++++++++++++++++++++------------------------- - 1 file changed, 20 insertions(+), 25 deletions(-) - -diff --git a/src/gopher.cc b/src/gopher.cc -index 169b0e18299..6187da18bcd 100644 ---- a/src/gopher.cc -+++ b/src/gopher.cc -@@ -371,7 +371,6 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) - char *lpos = NULL; - char *tline = NULL; - LOCAL_ARRAY(char, line, TEMP_BUF_SIZE); -- LOCAL_ARRAY(char, tmpbuf, TEMP_BUF_SIZE); - char *name = NULL; - char *selector = NULL; - char *host = NULL; -@@ -381,7 +380,6 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) - char gtype; - StoreEntry *entry = NULL; - -- memset(tmpbuf, '\0', TEMP_BUF_SIZE); - memset(line, '\0', TEMP_BUF_SIZE); - - entry = gopherState->entry; -@@ -416,7 +414,7 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) - return; - } - -- String outbuf; -+ SBuf outbuf; - - if (!gopherState->HTML_header_added) { - if (gopherState->conversion == GopherStateData::HTML_CSO_RESULT) -@@ -583,34 +581,34 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) - break; - } - -- memset(tmpbuf, '\0', TEMP_BUF_SIZE); -- - if ((gtype == GOPHER_TELNET) || (gtype == GOPHER_3270)) { - if (strlen(escaped_selector) != 0) -- snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s@%s%s%s/\">%s</A>\n", -- icon_url, escaped_selector, rfc1738_escape_part(host), -- *port ? ":" : "", port, html_quote(name)); -+ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s@%s%s%s/\">%s</A>\n", -+ icon_url, escaped_selector, rfc1738_escape_part(host), -+ *port ? 
":" : "", port, html_quote(name)); - else -- snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s%s%s/\">%s</A>\n", -- icon_url, rfc1738_escape_part(host), *port ? ":" : "", -- port, html_quote(name)); -+ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s%s%s/\">%s</A>\n", -+ icon_url, rfc1738_escape_part(host), *port ? ":" : "", -+ port, html_quote(name)); - - } else if (gtype == GOPHER_INFO) { -- snprintf(tmpbuf, TEMP_BUF_SIZE, "\t%s\n", html_quote(name)); -+ outbuf.appendf("\t%s\n", html_quote(name)); - } else { - if (strncmp(selector, "GET /", 5) == 0) { - /* WWW link */ -- snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"http://%s/%s\">%s</A>\n", -- icon_url, host, rfc1738_escape_unescaped(selector + 5), html_quote(name)); -+ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"http://%s/%s\">%s</A>\n", -+ icon_url, host, rfc1738_escape_unescaped(selector + 5), html_quote(name)); -+ } else if (gtype == GOPHER_WWW) { -+ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"gopher://%s/%c%s\">%s</A>\n", -+ icon_url, rfc1738_escape_unescaped(selector), html_quote(name)); - } else { - /* Standard link */ -- snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"gopher://%s/%c%s\">%s</A>\n", -- icon_url, host, gtype, escaped_selector, html_quote(name)); -+ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"gopher://%s/%c%s\">%s</A>\n", -+ icon_url, host, gtype, escaped_selector, html_quote(name)); - } - } - - safe_free(escaped_selector); -- outbuf.append(tmpbuf); - } else { - memset(line, '\0', TEMP_BUF_SIZE); - continue; -@@ -643,13 +641,12 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) - break; - - if (gopherState->cso_recno != recno) { -- snprintf(tmpbuf, TEMP_BUF_SIZE, "</PRE><HR noshade size=\"1px\"><H2>Record# %d<br><i>%s</i></H2>\n<PRE>", recno, html_quote(result)); -+ outbuf.appendf("</PRE><HR noshade size=\"1px\"><H2>Record# 
%d<br><i>%s</i></H2>\n<PRE>", recno, html_quote(result)); - gopherState->cso_recno = recno; - } else { -- snprintf(tmpbuf, TEMP_BUF_SIZE, "%s\n", html_quote(result)); -+ outbuf.appendf("%s\n", html_quote(result)); - } - -- outbuf.append(tmpbuf); - break; - } else { - int code; -@@ -677,8 +674,7 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) - - case 502: { /* Too Many Matches */ - /* Print the message the server returns */ -- snprintf(tmpbuf, TEMP_BUF_SIZE, "</PRE><HR noshade size=\"1px\"><H2>%s</H2>\n<PRE>", html_quote(result)); -- outbuf.append(tmpbuf); -+ outbuf.appendf("</PRE><HR noshade size=\"1px\"><H2>%s</H2>\n<PRE>", html_quote(result)); - break; - } - -@@ -694,13 +690,12 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) - - } /* while loop */ - -- if (outbuf.size() > 0) { -- entry->append(outbuf.rawBuf(), outbuf.size()); -+ if (outbuf.length() > 0) { -+ entry->append(outbuf.rawContent(), outbuf.length()); - /* now let start sending stuff to client */ - entry->flush(); - } - -- outbuf.clean(); - return; - } - diff --git a/SOURCES/squid-5.2-CVE-2022-41318.patch b/SOURCES/squid-5.2-CVE-2022-41318.patch deleted file mode 100644 index cb303ad..0000000 --- a/SOURCES/squid-5.2-CVE-2022-41318.patch +++ /dev/null 
@@ -1,38 +0,0 @@ -commit 4031c6c2b004190fdffbc19dab7cd0305a2025b7 (refs/remotes/origin/v4, refs/remotes/github/v4, refs/heads/v4) -Author: Amos Jeffries <yadij@users.noreply.github.com> -Date: 2022-08-09 23:34:54 +0000 - - Bug 3193 pt2: NTLM decoder truncating strings (#1114) - - The initial bug fix overlooked large 'offset' causing integer - wrap to extract a too-short length string. - - Improve debugs and checks sequence to clarify cases and ensure - that all are handled correctly. - -diff --git a/lib/ntlmauth/ntlmauth.cc b/lib/ntlmauth/ntlmauth.cc -index 5d9637290..f00fd51f8 100644 ---- a/lib/ntlmauth/ntlmauth.cc -+++ b/lib/ntlmauth/ntlmauth.cc -@@ -107,10 +107,19 @@ ntlm_fetch_string(const ntlmhdr *packet, const int32_t packet_size, const strhdr - int32_t o = le32toh(str->offset); - // debug("ntlm_fetch_string(plength=%d,l=%d,o=%d)\n",packet_size,l,o); - -- if (l < 0 || l > NTLM_MAX_FIELD_LENGTH || o + l > packet_size || o == 0) { -- debug("ntlm_fetch_string: insane data (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o); -+ if (l < 0 || l > NTLM_MAX_FIELD_LENGTH) { -+ debug("ntlm_fetch_string: insane string length (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o); - return rv; - } -+ else if (o <= 0 || o > packet_size) { -+ debug("ntlm_fetch_string: insane string offset (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o); -+ return rv; -+ } -+ else if (l > packet_size - o) { -+ debug("ntlm_fetch_string: truncated string data (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o); -+ return rv; -+ } -+ - rv.str = (char *)packet + o; - rv.l = 0; - if ((flags & NTLM_NEGOTIATE_ASCII) == 0) { diff --git a/SOURCES/squid-5.2.tar.xz.asc b/SOURCES/squid-5.2.tar.xz.asc deleted file mode 100644 index 288ce4d..0000000 --- a/SOURCES/squid-5.2.tar.xz.asc +++ /dev/null 
@@ -1,25 +0,0 @@ -File: squid-5.2.tar.xz -Date: Sun 03 Oct 2021 15:15:35 UTC -Size: 2553872 -MD5 : 102984f3ea382a1fa5bd917c2ee155ec -SHA1: 0568a55c8bf20fbcbfadf126347f3e790945e5d2 -Key : CD6DBF8EF3B17D3E <squid3@treenet.co.nz> - B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E - keyring = http://www.squid-cache.org/pgp.asc - keyserver = pool.sks-keyservers.net ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAmFZySIACgkQzW2/jvOx -fT6sUBAArqj2/hn+a1okSuUWef2x0AtEKXy18aaYTJxF20yq3nNO1jLZYUY9dgpo -I0R32a8liygQPtfb+FFzQjkoIfpgEsmskndS0/jlOicY7ljw4MfHCLCtmc1xzPIs -UErI4SFR1H3aIa4yAmbQEhjuCWqBOzLt/UBzOupF89hofT57CZhVNoYgO2IWFu3+ -j2eZmq6nZbBBHBJG3II+FiFuPhTpuiMxdQ1WN84a+XklhIatOWVW8ALX/hBT12KC -Z9SxixgZQFpCQ9uNfpoCsMVrhWS9tJnUmnOiziWIEKgVHnPOh/uQLxxZvvSUc8Ag -aUAM2DcDx3QWw1RLx/kJPfpCt2tHEHGfGpd7U5LcTEfDYIyjfwnVF9L1kGuHaT+k -RW96vq9NFikSKmyEKRZ3EUZNqXJE3dd6pYpOO3GjHRr2fBn1D+UpV90vswTWBrzX -7gO8aPnnD8/uD6h6pFSBNpAAKpEBS9watDRBlTIEsivaTeZxzob7dk9ZiK8cjsRQ -jhVTvwQw9r5ong50y1pg5APD3wwipNUjHVMD45XQNbxZAGsZMPnvA0vDFECKJ6iG -CVwpOc48Fkl6frY0ByddCES4lWzgkkfYtPQGkPYxhOGhaqiRXO8kjk0/Dbw4AJW1 -BoHM9DydPohXuNQZIA19v7lcYvQShCmp3xbUoQ45AwZno4DpAAA= -=PQ84 ------END PGP SIGNATURE----- diff --git a/SOURCES/squid-5.5-CVE-2021-46784.patch b/SOURCES/squid-5.5-CVE-2021-46784.patch new file mode 100644 index 0000000..4e5e796 --- /dev/null +++ b/SOURCES/squid-5.5-CVE-2021-46784.patch 
@@ -0,0 +1,120 @@ +diff --git a/src/gopher.cc b/src/gopher.cc +index 576a3f7..2645b6b 100644 +--- a/src/gopher.cc ++++ b/src/gopher.cc +@@ -364,7 +364,6 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) + char *lpos = NULL; + char *tline = NULL; + LOCAL_ARRAY(char, line, TEMP_BUF_SIZE); +- LOCAL_ARRAY(char, tmpbuf, TEMP_BUF_SIZE); + char *name = NULL; + char *selector = NULL; + char *host = NULL; +@@ -374,7 +373,6 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) + char gtype; + StoreEntry *entry = NULL; + +- memset(tmpbuf, '\0', TEMP_BUF_SIZE); + memset(line, '\0', TEMP_BUF_SIZE); + + entry = gopherState->entry; +@@ -409,7 +407,7 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) + return; + } + +- String outbuf; ++ SBuf outbuf; + + if (!gopherState->HTML_header_added) { + if (gopherState->conversion == GopherStateData::HTML_CSO_RESULT) +@@ -577,34 +575,34 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) + break; + } + +- memset(tmpbuf, '\0', TEMP_BUF_SIZE); +- + if ((gtype == GOPHER_TELNET) || (gtype == GOPHER_3270)) { + if (strlen(escaped_selector) != 0) +- snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s@%s%s%s/\">%s</A>\n", +- icon_url, escaped_selector, rfc1738_escape_part(host), +- *port ? ":" : "", port, html_quote(name)); ++ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s@%s%s%s/\">%s</A>\n", ++ icon_url, escaped_selector, rfc1738_escape_part(host), ++ *port ? ":" : "", port, html_quote(name)); + else +- snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s%s%s/\">%s</A>\n", +- icon_url, rfc1738_escape_part(host), *port ? ":" : "", +- port, html_quote(name)); ++ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"telnet://%s%s%s/\">%s</A>\n", ++ icon_url, rfc1738_escape_part(host), *port ? 
":" : "", ++ port, html_quote(name)); + + } else if (gtype == GOPHER_INFO) { +- snprintf(tmpbuf, TEMP_BUF_SIZE, "\t%s\n", html_quote(name)); ++ outbuf.appendf("\t%s\n", html_quote(name)); + } else { + if (strncmp(selector, "GET /", 5) == 0) { + /* WWW link */ +- snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"http://%s/%s\">%s</A>\n", +- icon_url, host, rfc1738_escape_unescaped(selector + 5), html_quote(name)); ++ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"http://%s/%s\">%s</A>\n", ++ icon_url, host, rfc1738_escape_unescaped(selector + 5), html_quote(name)); ++ } else if (gtype == GOPHER_WWW) { ++ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"gopher://%s/%c%s\">%s</A>\n", ++ icon_url, rfc1738_escape_unescaped(selector), html_quote(name)); + } else { + /* Standard link */ +- snprintf(tmpbuf, TEMP_BUF_SIZE, "<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"gopher://%s/%c%s\">%s</A>\n", +- icon_url, host, gtype, escaped_selector, html_quote(name)); ++ outbuf.appendf("<IMG border=\"0\" SRC=\"%s\"> <A HREF=\"gopher://%s/%c%s\">%s</A>\n", ++ icon_url, host, gtype, escaped_selector, html_quote(name)); + } + } + + safe_free(escaped_selector); +- outbuf.append(tmpbuf); + } else { + memset(line, '\0', TEMP_BUF_SIZE); + continue; +@@ -637,13 +635,12 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) + break; + + if (gopherState->cso_recno != recno) { +- snprintf(tmpbuf, TEMP_BUF_SIZE, "</PRE><HR noshade size=\"1px\"><H2>Record# %d<br><i>%s</i></H2>\n<PRE>", recno, html_quote(result)); ++ outbuf.appendf("</PRE><HR noshade size=\"1px\"><H2>Record# %d<br><i>%s</i></H2>\n<PRE>", recno, html_quote(result)); + gopherState->cso_recno = recno; + } else { +- snprintf(tmpbuf, TEMP_BUF_SIZE, "%s\n", html_quote(result)); ++ outbuf.appendf("%s\n", html_quote(result)); + } + +- outbuf.append(tmpbuf); + break; + } else { + int code; +@@ -671,8 +668,7 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) + + case 502: { 
/* Too Many Matches */ + /* Print the message the server returns */ +- snprintf(tmpbuf, TEMP_BUF_SIZE, "</PRE><HR noshade size=\"1px\"><H2>%s</H2>\n<PRE>", html_quote(result)); +- outbuf.append(tmpbuf); ++ outbuf.appendf("</PRE><HR noshade size=\"1px\"><H2>%s</H2>\n<PRE>", html_quote(result)); + break; + } + +@@ -688,13 +684,12 @@ gopherToHTML(GopherStateData * gopherState, char *inbuf, int len) + + } /* while loop */ + +- if (outbuf.size() > 0) { +- entry->append(outbuf.rawBuf(), outbuf.size()); ++ if (outbuf.length() > 0) { ++ entry->append(outbuf.rawContent(), outbuf.length()); + /* now let start sending stuff to client */ + entry->flush(); + } + +- outbuf.clean(); + return; + } + diff --git a/SOURCES/squid-5.5-CVE-2022-41318.patch b/SOURCES/squid-5.5-CVE-2022-41318.patch new file mode 100644 index 0000000..cb303ad --- /dev/null +++ b/SOURCES/squid-5.5-CVE-2022-41318.patch 
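Review bot: In the added squid-5.5-CVE-2021-46784.patch, the new `else if (gtype == GOPHER_WWW)` branch calls `outbuf.appendf` with a format string holding five conversions (`%s`, `%s`, `%c`, `%s`, `%s`) but passes only three arguments (`icon_url`, `rfc1738_escape_unescaped(selector)`, `html_quote(name)`). Assuming `appendf` is printf-style, as its other uses here suggest, the call reads variadic arguments that were never supplied, which is undefined behaviour on a path that formats fields of a Gopher server response. The format and the argument list need to agree: if the `gopher://` form is intended, pass the same set as the "Standard link" branch, `icon_url, host, gtype, rfc1738_escape_unescaped(selector), html_quote(name));`, otherwise shorten the format to the three values actually passed. The removed squid-5.2 patch carries the same lines, so compare against upstream commit 780c4ea1b4c9d2fb41f6962aa6ed73ae57f74b2b before shipping. gopherToHTML starts and ends outside the patch's hunks, so the declarations of `host`, `selector` and `gtype` are only partly visible.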
@@ -0,0 +1,38 @@ +commit 4031c6c2b004190fdffbc19dab7cd0305a2025b7 (refs/remotes/origin/v4, refs/remotes/github/v4, refs/heads/v4) +Author: Amos Jeffries <yadij@users.noreply.github.com> +Date: 2022-08-09 23:34:54 +0000 + + Bug 3193 pt2: NTLM decoder truncating strings (#1114) + + The initial bug fix overlooked large 'offset' causing integer + wrap to extract a too-short length string. + + Improve debugs and checks sequence to clarify cases and ensure + that all are handled correctly. + +diff --git a/lib/ntlmauth/ntlmauth.cc b/lib/ntlmauth/ntlmauth.cc +index 5d9637290..f00fd51f8 100644 +--- a/lib/ntlmauth/ntlmauth.cc ++++ b/lib/ntlmauth/ntlmauth.cc +@@ -107,10 +107,19 @@ ntlm_fetch_string(const ntlmhdr *packet, const int32_t packet_size, const strhdr + int32_t o = le32toh(str->offset); + // debug("ntlm_fetch_string(plength=%d,l=%d,o=%d)\n",packet_size,l,o); + +- if (l < 0 || l > NTLM_MAX_FIELD_LENGTH || o + l > packet_size || o == 0) { +- debug("ntlm_fetch_string: insane data (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o); ++ if (l < 0 || l > NTLM_MAX_FIELD_LENGTH) { ++ debug("ntlm_fetch_string: insane string length (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o); + return rv; + } ++ else if (o <= 0 || o > packet_size) { ++ debug("ntlm_fetch_string: insane string offset (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o); ++ return rv; ++ } ++ else if (l > packet_size - o) { ++ debug("ntlm_fetch_string: truncated string data (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o); ++ return rv; ++ } ++ + rv.str = (char *)packet + o; + rv.l = 0; + if ((flags & NTLM_NEGOTIATE_ASCII) == 0) { diff --git a/SOURCES/squid-5.5.tar.xz.asc b/SOURCES/squid-5.5.tar.xz.asc new file mode 100644 index 0000000..c7080a6 --- /dev/null +++ b/SOURCES/squid-5.5.tar.xz.asc 
@@ -0,0 +1,25 @@ +File: squid-5.5.tar.xz +Date: Wed 13 Apr 2022 08:45:42 UTC +Size: 2565732 +MD5 : 83ccc2d86ca0966e3555a3b78f5afd14 +SHA1: 42302bd9b8feff851a41420334cb8eaeab2806ab +Key : CD6DBF8EF3B17D3E <squid3@treenet.co.nz> + B068 84ED B779 C89B 044E 64E3 CD6D BF8E F3B1 7D3E + keyring = http://www.squid-cache.org/pgp.asc + keyserver = pool.sks-keyservers.net +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEsGiE7bd5yJsETmTjzW2/jvOxfT4FAmJWjb4ACgkQzW2/jvOx +fT7t0A/9GjAdINfSP4gQyUr+Uvakz9O6fA9Jo3F30VafYimrSGm+VdGWntTsrOaP +VcsCdG3/Dvrhnqtu9+hwfKKQ61lmmUC7KVycx3whEUepQbZu5kd05csD7nwQ+AFe +7eJr0IwbRI4XdUhNW4AB52i/+hpHs/YSrSokumx5NVhwAUvT81TToUNzUjfKuXyy +U+w6GQ9kJbVW1UgFYZGZdJwCmD5Z7fNdUllKZhLj4I5GZ+5Zz5+lJP3ZBC6qavde +34hbpHbt+/lqz337eNoxwlyPNKPDiGIUEY9T4cdzA0BiLggTmlukDFErlYuHgCMX +BmQ9elJtdRaCD2YD+U1H9J+2wqt9O01gdyFU1V3RnNLZphgWur9X808rujuE46+Q +sxyV6SjeBh6Xs/I7wA9utX0pbVD+nLvna6Be49M1yAghBwTjiYN9fGC3ufj4St3k +PCvkTkBUOop3m4aBCRtUVO6w4Y/YmF71qAHIiSLe1i6xoztEDTVI0CA+vfrwwu2G +rFP5wuKsaYfBjkhQw4Jv6X30vnnOVqlxITGXcOnPXrHoD5KuYXv/Xsobqf8XsFdl +3qyXUe8lSI5idCg+Ajj9m0IqGWA50iFBs28Ca7GDacl9KApGn4O7kPLQY+7nN5cz +Nv3k8lYPh4KvRI1b2hcuoe3K63rEzty0e2vqG9zqxkpxOt20E/U= +=9xr/ +-----END PGP SIGNATURE----- diff --git a/SPECS/squid.spec b/SPECS/squid.spec index 51e0185..34b3a2e 100644 --- a/SPECS/squid.spec +++ b/SPECS/squid.spec @@ -1,8 +1,8 @@ %define __perl_requires %{SOURCE98} Name: squid -Version: 5.2 -Release: 1%{?dist}.2 +Version: 5.5 +Release: 3%{?dist} Summary: The Squid proxy caching server Epoch: 7 # See CREDITS for breakdown of non GPLv2+ code 
@@ -42,11 +42,11 @@ Patch207: squid-5.0.6-active-ftp.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1988122 Patch208: squid-5.1-test-store-cppsuite.patch -# Security issues +# Security patches # https://bugzilla.redhat.com/show_bug.cgi?id=2100721 -Patch501: squid-5.2-CVE-2021-46784.patch +Patch501: squid-5.5-CVE-2021-46784.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2129771 -Patch502: squid-5.2-CVE-2022-41318.patch +Patch502: squid-5.5-CVE-2022-41318.patch # cache_swap.sh Requires: bash gawk @@ -354,14 +354,18 @@ fi %changelog -* Wed Sep 28 2022 Luboš Uhliarik <luhliari@redhat.com> - 7:5.2-1.2 -- Resolves: #2130251 - CVE-2022-41318 squid: buffer-over-read in SSPI and SMB +* Thu Sep 29 2022 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-3 +- Resolves: #2130252 - CVE-2022-41318 squid: buffer-over-read in SSPI and SMB authentication -* Tue Jun 28 2022 Luboš Uhliarik <luhliari@redhat.com> - 7:5.2-1.1 -- Resolves: #2100784 - CVE-2021-46784 squid: DoS when processing gopher server +* Mon Jul 11 2022 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-2 +- Resolves: #2100785 - CVE-2021-46784 squid: DoS when processing gopher server responses +* Tue May 31 2022 Luboš Uhliarik <luhliari@redhat.com> - 7:5.5-1 +- new version 5.5 +- Resolves: #2075727 - The memory usage of the squid process keeps increasing + * Thu Oct 07 2021 Luboš Uhliarik <luhliari@redhat.com> - 7:5.2-1 - new version 5.2 - Resolves: #1934560 - squid: out-of-bounds read in WCCP protocol