package/squid: security bump to version 5.6

Fix CVE-2021-46784: In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses. https://github.com/squid-cache/squid/security/advisories/GHSA-f5cp-6rh3-284w Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-08-26 23:22:54 +02:00 · 2022-08-26 23:22:54 +02:00 · d3ef301f0c
commit d3ef301f0c
parent 408888a29b
2 changed files with 5 additions and 5 deletions
--- a/package/squid/squid.hash
+++ b/package/squid/squid.hash
@ -1,6 +1,6 @@
-# From http://www.squid-cache.org/Versions/v5/squid-5.3.tar.xz.asc
-md5  9249f30169ab6600e53b4f9b8129b3b0  squid-5.3.tar.xz
-sha1  d3a8310c725616fa7565d60f3bf8fdf5fa20b15a  squid-5.3.tar.xz
+# From http://www.squid-cache.org/Versions/v5/squid-5.6.tar.xz.asc
+md5  2f2201a18a0a727ab589d951ebe4f815  squid-5.6.tar.xz
+sha1  a01f47b3e9ff06245c894773de30bfd88ab14f65  squid-5.6.tar.xz
 # Locally calculated
-sha256  45178588df1311ded41ebadd632840c4d93a8d7f5f60e38e74acf2f1ae2f1715  squid-5.3.tar.xz
+sha256  38d27338a347597ce0e93d0c3be6e5f66b6750417c474ca87ee0d61bb6d148db  squid-5.6.tar.xz
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
--- a/package/squid/squid.mk
+++ b/package/squid/squid.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-SQUID_VERSION = 5.3
+SQUID_VERSION = 5.6
 SQUID_SOURCE = squid-$(SQUID_VERSION).tar.xz
 SQUID_SITE = http://www.squid-cache.org/Versions/v5
 SQUID_LICENSE = GPL-2.0+