squid: Add security patches
for CVE-2022-41317 and CVE-2022-41318.
parent
b0df57811d
commit
7bb87f7fde
|
@ -0,0 +1,19 @@
|
|||
commit 55151c545a8e0bd2cb69036da5794c9cb21018b2
|
||||
Author: Amos Jeffries <yadij@users.noreply.github.com>
|
||||
Date: 2022-08-17 23:32:43 +0000
|
||||
|
||||
Fix typo in manager ACL (#1113)
|
||||
|
||||
diff --git a/src/cf.data.pre b/src/cf.data.pre
|
||||
index a0bdb2f83..118256437 100644
|
||||
--- a/src/cf.data.pre
|
||||
+++ b/src/cf.data.pre
|
||||
@@ -1036,7 +1036,7 @@ DEFAULT: ssl::certUntrusted ssl_error X509_V_ERR_INVALID_CA X509_V_ERR_SELF_SIGN
|
||||
DEFAULT: ssl::certSelfSigned ssl_error X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
|
||||
ENDIF
|
||||
DEFAULT: all src all
|
||||
-DEFAULT: manager url_regex -i ^cache_object:// +i ^https?://[^/]+/squid-internal-mgr/
|
||||
+DEFAULT: manager url_regex -i ^cache_object:// +i ^[^:]+://[^/]+/squid-internal-mgr/
|
||||
DEFAULT: localhost src 127.0.0.1/32 ::1
|
||||
DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1/128 ::/128
|
||||
DEFAULT: CONNECT method CONNECT
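Review bot: The patch preamble records the upstream commit id and title but not which of the two CVEs named in the packaging commit it addresses, so an auditor cannot tell later why this file exists. Assuming this is the CVE-2022-41317 half (the other patch touches the NTLM decoder), add a preamble line such as `CVE: CVE-2022-41317` after confirming the mapping against the upstream advisory. Note also that the widened pattern `^[^:]+://[^/]+/squid-internal-mgr/` only changes what the built-in `manager` ACL matches. Who may reach the cache manager is still decided by the `http_access` rules in the installed squid.conf, so it is worth checking that the packaged default denies `manager` to non-localhost clients.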
|
|
@ -0,0 +1,38 @@
|
|||
commit 8eca72c14f94e8591b0d40bd6210ec68d1e54c46
|
||||
Author: Amos Jeffries <yadij@users.noreply.github.com>
|
||||
Date: 2022-08-09 23:34:54 +0000
|
||||
|
||||
Bug 3193 pt2: NTLM decoder truncating strings (#1114)
|
||||
|
||||
The initial bug fix overlooked large 'offset' causing integer
|
||||
wrap to extract a too-short length string.
|
||||
|
||||
Improve debugs and checks sequence to clarify cases and ensure
|
||||
that all are handled correctly.
|
||||
|
||||
diff --git a/lib/ntlmauth/ntlmauth.cc b/lib/ntlmauth/ntlmauth.cc
|
||||
index b3df6b18e..dac8a7ecb 100644
|
||||
--- a/lib/ntlmauth/ntlmauth.cc
|
||||
+++ b/lib/ntlmauth/ntlmauth.cc
|
||||
@@ -108,10 +108,19 @@ ntlm_fetch_string(const ntlmhdr *packet, const int32_t packet_size, const strhdr
|
||||
int32_t o = le32toh(str->offset);
|
||||
// debug("ntlm_fetch_string(plength=%d,l=%d,o=%d)\n",packet_size,l,o);
|
||||
|
||||
- if (l < 0 || l > NTLM_MAX_FIELD_LENGTH || o + l > packet_size || o == 0) {
|
||||
- debug("ntlm_fetch_string: insane data (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o);
|
||||
+ if (l < 0 || l > NTLM_MAX_FIELD_LENGTH) {
|
||||
+ debug("ntlm_fetch_string: insane string length (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o);
|
||||
return rv;
|
||||
}
|
||||
+ else if (o <= 0 || o > packet_size) {
|
||||
+ debug("ntlm_fetch_string: insane string offset (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o);
|
||||
+ return rv;
|
||||
+ }
|
||||
+ else if (l > packet_size - o) {
|
||||
+ debug("ntlm_fetch_string: truncated string data (pkt-sz: %d, fetch len: %d, offset: %d)\n", packet_size,l,o);
|
||||
+ return rv;
|
||||
+ }
|
||||
+
|
||||
rv.str = (char *)packet + o;
|
||||
rv.l = 0;
|
||||
if ((flags & NTLM_NEGOTIATE_ASCII) == 0) {
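Review bot: The offset branch `o > packet_size` still admits `o == packet_size`, which is safe only because the following `l > packet_size - o` test then forces `l == 0`. That dependency deserves a comment above the second branch, e.g. `// o == packet_size is valid only for an empty string; the next check enforces l == 0 there`. The subtraction form is the right one, since `packet_size - o` cannot wrap once `0 < o <= packet_size` holds, unlike the removed `o + l`. ntlm_fetch_string continues past the end of the hunk, so the loops that consume `l` starting at `rv.str` are not visible here and should be confirmed to read no more than `l` bytes. As a style point, each `else if` follows a `return rv;` and could be a plain `if`.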
|
|
@ -3,7 +3,7 @@ TERMUX_PKG_DESCRIPTION="Full-featured Web proxy cache server"
|
|||
TERMUX_PKG_LICENSE="GPL-2.0"
|
||||
TERMUX_PKG_MAINTAINER="@termux"
|
||||
TERMUX_PKG_VERSION=4.17
|
||||
TERMUX_PKG_REVISION=1
|
||||
TERMUX_PKG_REVISION=2
|
||||
TERMUX_PKG_SRCURL=http://squid.mirror.globo.tech/archive/4/squid-$TERMUX_PKG_VERSION.tar.xz
|
||||
TERMUX_PKG_SHA256=cb928ac08c7c86b151b1c8f827abe1a84d83181a2a86e0d512286163e1e31418
|
||||
TERMUX_PKG_DEPENDS="libc++, libcrypt, libxml2, libltdl, libgnutls, resolv-conf"
|
||||
|
|