Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b]
Signed-off-by: Vivek Kumbhar <[email protected]> --- .../squid/files/CVE-2023-49285.patch | 37 +++++++++++++++++++ .../recipes-daemons/squid/squid_4.15.bb | 1 + 2 files changed, 38 insertions(+) create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2023-49285.patch diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2023-49285.patch b/meta-networking/recipes-daemons/squid/files/CVE-2023-49285.patch new file mode 100644 index 0000000000..6909f754f3 --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2023-49285.patch @@ -0,0 +1,37 @@ +From 77b3fb4df0f126784d5fd4967c28ed40eb8d521b Mon Sep 17 00:00:00 2001 +From: Alex Rousskov <[email protected]> +Date: Wed, 25 Oct 2023 19:41:45 +0000 +Subject: [PATCH] RFC 1123: Fix date parsing (#1538) + +The bug was discovered and detailed by Joshua Rogers at +https://megamansec.github.io/Squid-Security-Audit/datetime-overflow.html +where it was filed as "1-Byte Buffer OverRead in RFC 1123 date/time +Handling". + +Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b] +CVE: CVE-2023-49285 +Signed-off-by: Vivek Kumbhar <[email protected]> +--- + lib/rfc1123.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/lib/rfc1123.c b/lib/rfc1123.c +index 2d889cc..add63f0 100644 +--- a/lib/rfc1123.c ++++ b/lib/rfc1123.c +@@ -50,7 +50,13 @@ make_month(const char *s) + char month[3]; + + month[0] = xtoupper(*s); ++ if (!month[0]) ++ return -1; // protects *(s + 1) below ++ + month[1] = xtolower(*(s + 1)); ++ if (!month[1]) ++ return -1; // protects *(s + 2) below ++ + month[2] = xtolower(*(s + 2)); + + for (i = 0; i < 12; i++) +-- +2.39.3 diff --git a/meta-networking/recipes-daemons/squid/squid_4.15.bb b/meta-networking/recipes-daemons/squid/squid_4.15.bb index 3027806742..fb293453f1 100644 --- a/meta-networking/recipes-daemons/squid/squid_4.15.bb +++ b/meta-networking/recipes-daemons/squid/squid_4.15.bb @@ -26,6 +26,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.bz2 file://0001-splay.cc-fix-bind-is-not-a-member-of-std.patch \ file://0001-Fix-build-on-Fedora-Rawhide-772.patch \ file://CVE-2023-46847.patch \ + file://CVE-2023-49285.patch \ " SRC_URI:remove:toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch" -- 2.39.3
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#108129): https://lists.openembedded.org/g/openembedded-devel/message/108129 Mute This Topic: https://lists.openembedded.org/mt/103596214/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
