From 5b2e937448371626cf71b761e3bfb06ffb60a7ee Mon Sep 17 00:00:00 2001
From: Armin Kuster <akuster@mvista.com>
Date: Mon, 26 Oct 2015 16:31:22 -0700
Subject: squid: serveral missing security fixes

SQUID-2015:2 - Does not affect Squid-3.4 and older versions are not vulnerable.
CVE-2015-5400
CVE-2015-3455
CVE-2014-7142
CVE-2014-7141
CVE-2014-6270

see http://www.squid-cache.org/Advisories/

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../squid/files/CVE-2015-3455.patch                | 53 ++++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2015-3455.patch

(limited to 'meta-networking/recipes-daemons/squid/files/CVE-2015-3455.patch')

diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2015-3455.patch b/meta-networking/recipes-daemons/squid/files/CVE-2015-3455.patch
new file mode 100644
index 0000000000..409f9a7f17
--- /dev/null
+++ b/meta-networking/recipes-daemons/squid/files/CVE-2015-3455.patch
@@ -0,0 +1,53 @@
+Fix: CVE-2015-3455
+
+------------------------------------------------------------
+revno: 13222
+revision-id: squid3@treenet.co.nz-20150501071651-songz1j26frb2ytz
+parent: squid3@treenet.co.nz-20150501071104-vd21fu43lvmqoqwa
+author: Amos Jeffries <amosjeffries@squid-cache.org>, Christos Tsantilas <chtsanti@users.sourceforge.net>
+committer: Amos Jeffries <squid3@treenet.co.nz>
+branch nick: 3.4
+timestamp: Fri 2015-05-01 00:16:51 -0700
+message:
+  Fix X509 server certificate domain matching
+  
+  The X509 certificate domain fields may contain non-ASCII encodings.
+  Ensure the domain match algorithm is only passed UTF-8 ASCII-compatible
+  strings.
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3@treenet.co.nz-20150501071651-songz1j26frb2ytz
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# testament_sha1: e38694c3e222c506740510557d2a7a122786225c
+# timestamp: 2015-05-01 07:17:25 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# base_revision_id: squid3@treenet.co.nz-20150501071104-\
+#   vd21fu43lvmqoqwa
+# 
+# Begin patch
+
+Upstream-Status: Backport
+
+http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13222.patch
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+=== modified file 'src/ssl/support.cc'
+--- a/src/ssl/support.cc	2015-01-24 05:07:58 +0000
++++ b/src/ssl/support.cc	2015-05-01 07:16:51 +0000
+@@ -209,7 +209,13 @@
+     if (cn_data->length > (int)sizeof(cn) - 1) {
+         return 1; //if does not fit our buffer just ignore
+     }
+-    memcpy(cn, cn_data->data, cn_data->length);
++    char *s = reinterpret_cast<char*>(cn_data->data);
++    char *d = cn;
++    for (int i = 0; i < cn_data->length; ++i, ++d, ++s) {
++        if (*s == '\0')
++            return 1; // always a domain mismatch. contains 0x00
++        *d = *s;
++    }
+     cn[cn_data->length] = '\0';
+     debugs(83, 4, "Verifying server domain " << server << " to certificate name/subjectAltName " << cn);
+     return matchDomainName(server, cn[0] == '*' ? cn + 1 : cn);
+
-- 
cgit v1.2.3-54-g00ecf