squid: add upstream security fix for SQUID-2018_4 / CVE-2018-19131

>From the advisory: Due to incorrect input handling, Squid is vulnerable to a Cross-Site Scripting vulnerability when generating HTTPS response messages about TLS errors. http://www.squid-cache.org/Advisories/SQUID-2018_4.txt Add the patch from the 3.5 branch fixing this issue. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-25 23:13:22 +01:00 · 2018-11-25 23:13:22 +01:00 · 143069ea61
commit 143069ea61
parent 8405ef9d0d
2 changed files with 3 additions and 0 deletions
--- a/package/squid/squid.hash
+++ b/package/squid/squid.hash
@ -2,4 +2,5 @@
 md5 9367e0375ea53ba0e99f77054d4402c5 squid-3.5.28.tar.xz
 sha1 721241a270ec27d629d65ae17a50be56510e8441 squid-3.5.28.tar.xz
 # Locally calculated
+sha256 de5ea6fa5711aaa6d209de9e9e715c2702ff3597f009562ee1e571cc101670c7 squid-3.5-f1657a9decc820f748fa3aff68168d3145258031.patch
 sha256 58f5d05257af1fb964fde20e134d660fac9afa86b6fd8c70d63ead63068378fa COPYING
--- a/package/squid/squid.mk
+++ b/package/squid/squid.mk
@ -8,6 +8,8 @@ SQUID_VERSION_MAJOR = 3.5
 SQUID_VERSION = $(SQUID_VERSION_MAJOR).28
 SQUID_SOURCE = squid-$(SQUID_VERSION).tar.xz
 SQUID_SITE = http://www.squid-cache.org/Versions/v3/$(SQUID_VERSION_MAJOR)
+SQUID_PATCH = \
+	http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-f1657a9decc820f748fa3aff68168d3145258031.patch
 SQUID_LICENSE = GPL-2.0+
 SQUID_LICENSE_FILES = COPYING
 # For 0001-assume-get-certificate-ok.patch