From 961fd7154b988c05d1c01498f31c007de619e9b1 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Tue, 26 Dec 2023 21:34:23 +0100 Subject: [PATCH] package/squid: security bump to version 6.6 - Drop patch (already in version) - Fix CVE-2023-50269: This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. https://github.com/squid-cache/squid/security/advisories/GHSA-wgq4-4cfg-c4x3 https://github.com/squid-cache/squid/blob/SQUID_6_6/ChangeLog Signed-off-by: Fabrice Fontaine Signed-off-by: Yann E. MORIN (cherry picked from commit c13199c9326fa2daa574f08ec8fc063a48d0eb06) Signed-off-by: Peter Korsgaard --- package/squid/squid.hash | 8 ++++---- package/squid/squid.mk | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package/squid/squid.hash b/package/squid/squid.hash index a163bd9ad3..4a8ea5d550 100644 --- a/package/squid/squid.hash +++ b/package/squid/squid.hash @@ -1,6 +1,6 @@ -# From http://www.squid-cache.org/Versions/v6/squid-6.5.tar.xz.asc -md5 da2797d899cf538fab7f504fdf3c18bf squid-6.5.tar.xz -sha1 07a08394625948750264778c82e19cf24ea7cb1f squid-6.5.tar.xz +# From http://www.squid-cache.org/Versions/v6/squid-6.6.tar.xz.asc +md5 5a41134ee1b7e75f62088acdec92d2ca squid-6.6.tar.xz +sha1 f05e06a9dd3bf7501d2844e43d9ae1bd00e9edcc squid-6.6.tar.xz # Locally calculated -sha256 5070f8a3ae6666870c8fc716326befb0a1abe8b5ff3a6f3932cbc5543d7c8549 squid-6.5.tar.xz +sha256 55bd7f9f4898153161ea1228998acb551bf840832b9e5b90fc8ecd2942420318 squid-6.6.tar.xz sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/squid/squid.mk b/package/squid/squid.mk index c1477b1adf..3a9edac71e 100644 --- a/package/squid/squid.mk +++ b/package/squid/squid.mk 
@@ -4,7 +4,7 @@ # ################################################################################ -SQUID_VERSION = 6.5 +SQUID_VERSION = 6.6 SQUID_SOURCE = squid-$(SQUID_VERSION).tar.xz SQUID_SITE = http://www.squid-cache.org/Versions/v6 SQUID_LICENSE = GPL-2.0+
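Review bot: In the package/squid/squid.hash hunk, the only strong digest for squid-6.6.tar.xz is the sha256 under "# Locally calculated", while the md5 and sha1 lines are copied from an .asc file referenced over http://. Neither md5 nor sha1 is adequate as an integrity anchor, so the comment should record how the tarball was authenticated before the sha256 was computed. If the .asc carries a PGP signature, say that it was checked, for example "# Locally calculated after checking pgp signature". The COPYING sha256 is unchanged context, which is consistent with the license file not changing between 6.5 and 6.6.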
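Review bot: In the package/squid/squid.mk hunk, the bump to "SQUID_VERSION = 6.6" does not come with the patch removal the commit message announces. The message says "Drop patch (already in version)", but the diffstat lists only squid.hash and squid.mk, with 5 insertions and 5 deletions and no deleted file. Either confirm that this branch carries no squid patch and drop that line from the cherry-picked message, or include the deletion so that a stale patch is not left to be applied against the 6.6 sources. Separately, the SQUID_SITE context line stays on http://, so the integrity of the download rests entirely on the sha256 in squid.hash.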