<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-networking/recipes-daemons/squid, branch krogoth-next</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=krogoth-next</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=krogoth-next'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2016-08-16T17:29:39+00:00</updated>
<entry>
<title>squid: CVE-2016-4553</title>
<updated>2016-08-16T17:29:39+00:00</updated>
<author>
<name>Catalin Enache</name>
<email>catalin.enache@windriver.com</email>
</author>
<published>2016-05-23T12:49:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=7166a2daecfbb4528fa410670adcc7f241715bd5'/>
<id>urn:sha1:7166a2daecfbb4528fa410670adcc7f241715bd5</id>
<content type='text'>
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10
does not properly ignore the Host header when absolute-URI
is provided, which allows remote attackers to conduct
cache-poisoning attacks via an HTTP request.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4553

Backported upstream patch:
http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14039.patch

Signed-off-by: Catalin Enache &lt;catalin.enache@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
(cherry picked from commit d46c89ae44c811b64b117613072698601e483b32)
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>squid: CVE-2016-3947</title>
<updated>2016-05-10T02:05:02+00:00</updated>
<author>
<name>Catalin Enache</name>
<email>catalin.enache@windriver.com</email>
</author>
<published>2016-05-06T14:00:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=a1b71fe1478d7e09f9b4849ad30314b3b3399af2'/>
<id>urn:sha1:a1b71fe1478d7e09f9b4849ad30314b3b3399af2</id>
<content type='text'>
Heap-based buffer overflow in the Icmp6::Recv function in
icmp/Icmp6.cc in the pinger in Squid before 3.5.16 and 4.x
before 4.0.8 allows remote servers to cause a denial of
service (performance degradation or transition failures)
or write sensitive information to log files via an ICMPv6
packet.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3947

Signed-off-by: Catalin Enache &lt;catalin.enache@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
Signed-off-by: Otavio Salvador &lt;otavio@ossystems.com.br&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>squid: Blacklist</title>
<updated>2016-02-22T20:51:18+00:00</updated>
<author>
<name>Martin Jansa</name>
<email>Martin.Jansa@gmail.com</email>
</author>
<published>2016-02-22T13:05:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=9e0c46a16931edd871d3a39ffa79e730bb130647'/>
<id>urn:sha1:9e0c46a16931edd871d3a39ffa79e730bb130647</id>
<content type='text'>
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
</content>
</entry>
<entry>
<title>squid: disable atomic operations for powerpc/mips</title>
<updated>2015-10-21T19:57:26+00:00</updated>
<author>
<name>Wenzong Fan</name>
<email>wenzong.fan@windriver.com</email>
</author>
<published>2015-09-24T03:12:31+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=b851e928eacb9c27923a9028618d107fe22136fd'/>
<id>urn:sha1:b851e928eacb9c27923a9028618d107fe22136fd</id>
<content type='text'>
Don't enable GNU atomic operations for all targets, it fails on
powerpc and mips:

  AtomicWord.h: undefined reference to `__sync_fetch_and_add_8'
  collect2: error: ld returned 1 exit status

Refer to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56300:

  There is no hardware support for 8 bytes atomic operations on
  32-bit MIPS targets.

The 32-bit PowerPC fails as well.

Signed-off-by: Wenzong Fan &lt;wenzong.fan@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
</content>
</entry>
<entry>
<title>squid: upgrade to 3.5.7</title>
<updated>2015-09-11T17:33:54+00:00</updated>
<author>
<name>Roy Li</name>
<email>rongqing.li@windriver.com</email>
</author>
<published>2015-09-06T09:22:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=7d13944f65824a9238aff4c18cfcdcbfc1ba619a'/>
<id>urn:sha1:7d13944f65824a9238aff4c18cfcdcbfc1ba619a</id>
<content type='text'>
1. Remove the squid-change-ksh-referen*.patch which is not needed, since
   3.5.7 did not use ksh by default.
2. Update the checksum of COPYING,since the date in it has been changed.
3. Define BUILDCXXFLAGS, otherwise the target gcc options -std=c++11 will
   add into it, and lead to building failure since host gcc maybe not
   support "-std=c++11"
4. Assume to support GNU atomic operations by default, the running check
   on cross-compile setup does not work
5. enable basic auth by checking the DISTRO_FEATURE, and the default
   dependency on db, opensasl and openldap nis have been set, so enable
   them by default.

Signed-off-by: Roy Li &lt;rongqing.li@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
</content>
</entry>
<entry>
<title>meta-networking: standardize SECTION values</title>
<updated>2015-06-06T00:42:25+00:00</updated>
<author>
<name>Joe MacDonald</name>
<email>joe_macdonald@mentor.com</email>
</author>
<published>2015-05-11T20:12:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=8980f0d2a20726c9e9f7e951fca7a90896ecff31'/>
<id>urn:sha1:8980f0d2a20726c9e9f7e951fca7a90896ecff31</id>
<content type='text'>
SECTION has been used inconsistently throughout the recipes in this layer.
Convert them to all use the same convention.

Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
</content>
</entry>
<entry>
<title>squid: change ksh reference in krb ldap helper to sh</title>
<updated>2014-11-04T21:02:44+00:00</updated>
<author>
<name>Chong Lu</name>
<email>Chong.Lu@windriver.com</email>
</author>
<published>2014-10-30T02:26:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=22119569b940a9294f37bdb36a84082faa281c1a'/>
<id>urn:sha1:22119569b940a9294f37bdb36a84082faa281c1a</id>
<content type='text'>
This solves the following warning:

squid-3.4.7: squid requires /bin/bash, /usr/bin/perl, but no providers in its
RDEPENDS [file-rdeps]

Signed-off-by: Chong Lu &lt;Chong.Lu@windriver.com&gt;
Signed-off-by: Joe MacDonald &lt;joe_macdonald@mentor.com&gt;
</content>
</entry>
<entry>
<title>squid: Add a PACKAGECONFIG for libnetfilter-conntrack</title>
<updated>2014-10-30T07:59:31+00:00</updated>
<author>
<name>Chong.Lu@windriver.com</name>
<email>Chong.Lu@windriver.com</email>
</author>
<published>2014-10-22T10:07:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=d47b4c7ca0f98071a6f33144630d6bf1b856ce18'/>
<id>urn:sha1:d47b4c7ca0f98071a6f33144630d6bf1b856ce18</id>
<content type='text'>
This solves the following warning:

WARNING: QA Issue: squid rdepends on libnetfilter-conntrack, but it isn't a
build dependency? [build-deps]

Signed-off-by: Chong Lu &lt;Chong.Lu@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
</content>
</entry>
<entry>
<title>squid: add new recipe</title>
<updated>2014-10-16T05:00:59+00:00</updated>
<author>
<name>Jackie Huang</name>
<email>jackie.huang@windriver.com</email>
</author>
<published>2014-10-14T06:56:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=b310b1daf8793b948719175b3de813bcb2e350ce'/>
<id>urn:sha1:b310b1daf8793b948719175b3de813bcb2e350ce</id>
<content type='text'>
squid is a fully-featured http proxy and web-cache daemon for Linux.

Signed-off-by: Jackie Huang &lt;jackie.huang@windriver.com&gt;
Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
</content>
</entry>
</feed>
