squid: patch CVE-2025-59362

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-59362 Pick the PR content that's referenced in the nvd report. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
author: Gyorgy Sarvari <skandigraun@gmail.com> 2025-10-21 20:32:03 +0200
committer: Gyorgy Sarvari <skandigraun@gmail.com> 2025-10-27 11:17:30 +0100
commit: efbc247121f48084cfdc74fc5f35edeb6ddb981d (patch)
tree: 3ad923c248e21886c259ff89063ebb479fd5d1cc /meta-networking
parent: bb7620585c83c62fffb6779b0677ba9ab820f802 (diff)
download: meta-openembedded-efbc247121f48084cfdc74fc5f35edeb6ddb981d.tar.gz
2 files changed, 52 insertions, 0 deletions
diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2025-59362.patch b/meta-networking/recipes-daemons/squid/files/CVE-2025-59362.patch
new file mode 100644
index 0000000000..1d50cb31e1
--- /dev/null
+++ b/meta-networking/recipes-daemons/squid/files/CVE-2025-59362.patch
@@ -0,0 +1,51 @@
+From 4b9784928c87225605fd223b6fa0e5b42d039359 Mon Sep 17 00:00:00 2001
+From: Alex Rousskov <rousskov@measurement-factory.com>
+Date: Sat, 30 Aug 2025 06:49:36 +0000
+Subject: [PATCH] Fix ASN.1 encoding of long SNMP OIDs (#2149)
+CVE: CVE-2025-59362
+Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/0d89165ee6da10e6fa50c44998b3cd16d59400e9]
+---
+ lib/snmplib/asn1.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+diff --git a/lib/snmplib/asn1.c b/lib/snmplib/asn1.c
+index 8a4e471..0bb1f0b 100644
+--- a/lib/snmplib/asn1.c
+++ b/lib/snmplib/asn1.c
+@@ -771,6 +771,7 @@ asn_build_objid(u_char * data, int *datalength,
+      * lastbyte ::= 0 7bitvalue
+      */
+     u_char buf[MAX_OID_LEN];
+    u_char *bufEnd = buf + sizeof(buf);
+     u_char *bp = buf;
+     oid *op = objid;
+     int asnlength;
+@@ -789,6 +790,10 @@ asn_build_objid(u_char * data, int *datalength,
+     while (objidlength-- > 0) {
+         subid = *op++;
+         if (subid < 127) {  /* off by one? */
+            if (bp >= bufEnd) {
+                snmp_set_api_error(SNMPERR_ASN_ENCODE);
+                return (NULL);
+            }
+             *bp++ = subid;
+         } else {
+             mask = 0x7F;    /* handle subid == 0 case */
+@@ -806,8 +811,16 @@ asn_build_objid(u_char * data, int *datalength,
+                 /* fix a mask that got truncated above */
+                 if (mask == 0x1E00000)
+                     mask = 0xFE00000;
+                if (bp >= bufEnd) {
+                    snmp_set_api_error(SNMPERR_ASN_ENCODE);
+                    return (NULL);
+                }
+                 *bp++ = (u_char) (((subid & mask) >> bits) | ASN_BIT8);
+             }
+            if (bp >= bufEnd) {
+                snmp_set_api_error(SNMPERR_ASN_ENCODE);
+                return (NULL);
+            }
+             *bp++ = (u_char) (subid & mask);
+         }
+     }
diff --git a/meta-networking/recipes-daemons/squid/squid_4.15.bb b/meta-networking/recipes-daemons/squid/squid_4.15.bb
index 2c33d45bbf..ae3b66c7af 100644
--- a/meta-networking/recipes-daemons/squid/squid_4.15.bb
+++ b/meta-networking/recipes-daemons/squid/squid_4.15.bb
@@ -37,6 +37,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.bz2
           file://CVE-2022-41317.patch \
           file://CVE-2022-41318.patch \
           file://CVE-2023-46724.patch \
+           file://CVE-2025-59362.patch \
           "
 SRC_URI:remove:toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch"
author	Gyorgy Sarvari <skandigraun@gmail.com>	2025-10-21 20:32:03 +0200
committer	Gyorgy Sarvari <skandigraun@gmail.com>	2025-10-27 11:17:30 +0100
commit	efbc247121f48084cfdc74fc5f35edeb6ddb981d (patch)
tree	3ad923c248e21886c259ff89063ebb479fd5d1cc /meta-networking
parent	bb7620585c83c62fffb6779b0677ba9ab820f802 (diff)
download	meta-openembedded-efbc247121f48084cfdc74fc5f35edeb6ddb981d.tar.gz

diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2025-59362.patch b/meta-networking/recipes-daemons/squid/files/CVE-2025-59362.patch new file mode 100644 index 0000000000..1d50cb31e1 --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2025-59362.patch
@@ -0,0 +1,51 @@
		1	From 4b9784928c87225605fd223b6fa0e5b42d039359 Mon Sep 17 00:00:00 2001
		2	From: Alex Rousskov <rousskov@measurement-factory.com>
		3	Date: Sat, 30 Aug 2025 06:49:36 +0000
		4	Subject: [PATCH] Fix ASN.1 encoding of long SNMP OIDs (#2149)
		5
		6	CVE: CVE-2025-59362
		7	Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/0d89165ee6da10e6fa50c44998b3cd16d59400e9]
		8	---
		9	lib/snmplib/asn1.c \| 13 +++++++++++++
		10	1 file changed, 13 insertions(+)
		11
		12	diff --git a/lib/snmplib/asn1.c b/lib/snmplib/asn1.c
		13	index 8a4e471..0bb1f0b 100644
		14	--- a/lib/snmplib/asn1.c
		15	+++ b/lib/snmplib/asn1.c
		16	@@ -771,6 +771,7 @@ asn_build_objid(u_char * data, int *datalength,
		17	* lastbyte ::= 0 7bitvalue
		18	*/
		19	u_char buf[MAX_OID_LEN];
		20	+ u_char *bufEnd = buf + sizeof(buf);
		21	u_char *bp = buf;
		22	oid *op = objid;
		23	int asnlength;
		24	@@ -789,6 +790,10 @@ asn_build_objid(u_char * data, int *datalength,
		25	while (objidlength-- > 0) {
		26	subid = *op++;
		27	if (subid < 127) { /* off by one? */
		28	+ if (bp >= bufEnd) {
		29	+ snmp_set_api_error(SNMPERR_ASN_ENCODE);
		30	+ return (NULL);
		31	+ }
		32	*bp++ = subid;
		33	} else {
		34	mask = 0x7F; /* handle subid == 0 case */
		35	@@ -806,8 +811,16 @@ asn_build_objid(u_char * data, int *datalength,
		36	/* fix a mask that got truncated above */
		37	if (mask == 0x1E00000)
		38	mask = 0xFE00000;
		39	+ if (bp >= bufEnd) {
		40	+ snmp_set_api_error(SNMPERR_ASN_ENCODE);
		41	+ return (NULL);
		42	+ }
		43	*bp++ = (u_char) (((subid & mask) >> bits) \| ASN_BIT8);
		44	}
		45	+ if (bp >= bufEnd) {
		46	+ snmp_set_api_error(SNMPERR_ASN_ENCODE);
		47	+ return (NULL);
		48	+ }
		49	*bp++ = (u_char) (subid & mask);
		50	}
		51	}


diff --git a/meta-networking/recipes-daemons/squid/squid_4.15.bb b/meta-networking/recipes-daemons/squid/squid_4.15.bb index 2c33d45bbf..ae3b66c7af 100644 --- a/meta-networking/recipes-daemons/squid/squid_4.15.bb +++ b/meta-networking/recipes-daemons/squid/squid_4.15.bb
@@ -37,6 +37,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.bz2
37	file://CVE-2022-41317.patch \	37	file://CVE-2022-41317.patch \
38	file://CVE-2022-41318.patch \	38	file://CVE-2022-41318.patch \
39	file://CVE-2023-46724.patch \	39	file://CVE-2023-46724.patch \
		40	file://CVE-2025-59362.patch \
40	"	41	"
41		42
42	SRC_URI:remove:toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch"	43	SRC_URI:remove:toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch"