squid: CVE-2016-4553

client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4553 Backported upstream patch: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14039.patch Signed-off-by: Catalin Enache <catalin.enache@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> (cherry picked from commit d46c89ae44c811b64b117613072698601e483b32) Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Catalin Enache <catalin.enache@windriver.com> 2016-05-23 15:49:34 +0300
committer: Armin Kuster <akuster808@gmail.com> 2016-08-16 10:29:39 -0700
commit: 7166a2daecfbb4528fa410670adcc7f241715bd5 (patch)
tree: b0991fb67152a1ea96b725b71887b003bcdbdd5e /meta-networking/recipes-daemons/squid/squid_3.5.7.bb
parent: bee5bfb29d582e6c31a875b6905558d15cec8767 (diff)
download: meta-openembedded-7166a2daecfbb4528fa410670adcc7f241715bd5.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-networking/recipes-daemons/squid/squid_3.5.7.bb b/meta-networking/recipes-daemons/squid/squid_3.5.7.bb
index e35aad7cf..93f69c1a1 100644
--- a/meta-networking/recipes-daemons/squid/squid_3.5.7.bb
+++ b/meta-networking/recipes-daemons/squid/squid_3.5.7.bb
@@ -20,6 +20,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${MIN_VER}/${BPN}-${P
           file://run-ptest \
           file://volatiles.03_squid \
           file://CVE-2016-3947.patch \
+           file://CVE-2016-4553.patch \
 "
 LIC_FILES_CHKSUM = "file://COPYING;md5=c492e2d6d32ec5c1aad0e0609a141ce9 \
author	Catalin Enache <catalin.enache@windriver.com>	2016-05-23 15:49:34 +0300
committer	Armin Kuster <akuster808@gmail.com>	2016-08-16 10:29:39 -0700
commit	7166a2daecfbb4528fa410670adcc7f241715bd5 (patch)
tree	b0991fb67152a1ea96b725b71887b003bcdbdd5e /meta-networking/recipes-daemons/squid/squid_3.5.7.bb
parent	bee5bfb29d582e6c31a875b6905558d15cec8767 (diff)
download	meta-openembedded-7166a2daecfbb4528fa410670adcc7f241715bd5.tar.gz

diff --git a/meta-networking/recipes-daemons/squid/squid_3.5.7.bb b/meta-networking/recipes-daemons/squid/squid_3.5.7.bb index e35aad7cf..93f69c1a1 100644 --- a/meta-networking/recipes-daemons/squid/squid_3.5.7.bb +++ b/meta-networking/recipes-daemons/squid/squid_3.5.7.bb
@@ -20,6 +20,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${MIN_VER}/${BPN}-${P
20	file://run-ptest \	20	file://run-ptest \
21	file://volatiles.03_squid \	21	file://volatiles.03_squid \
22	file://CVE-2016-3947.patch \	22	file://CVE-2016-3947.patch \
		23	file://CVE-2016-4553.patch \
23	"	24	"
24		25
25	LIC_FILES_CHKSUM = "file://COPYING;md5=c492e2d6d32ec5c1aad0e0609a141ce9 \	26	LIC_FILES_CHKSUM = "file://COPYING;md5=c492e2d6d32ec5c1aad0e0609a141ce9 \