Security patch for Squid advisory 2010:1, denial of service.

Submitted by:	maintainer (Thomas-Martin Seck <tmseck web de>)
This commit is contained in:
Xin LI 2010-02-01 20:25:56 +00:00
parent fb1abdada3
commit 3f1f30c23c
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=249050
3 changed files with 70 additions and 1 deletions

View file

@ -34,6 +34,37 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="296ecb59-0f6b-11df-8bab-0019996bc1f7">
<topic>squid -- Denial of Service vulnerability in DNS handling</topic>
<affects>
<package>
<name>squid</name>
<range><ge>2.7.1</ge><lt>2.7.7_3</lt></range>
<range><ge>3.0.1</ge><lt>3.0.22</lt></range>
<range><ge>3.1.0.1</ge><lt>3.1.0.16</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Squid security advisory 2010:1 reports:</p>
<blockquote cite="http://www.squid-cache.org/Advisories/SQUID-2010_1.txt">
<p>Due to incorrect data validation Squid is vulnerable to a denial
of service attack when processing specially crafted DNS packets.</p>
<p>This problem allows any trusted client or external server who can
determine the squid receiving port to perform a short-term denial
of service attack on the Squid service.</p>
</blockquote>
</body>
</description>
<references>
<url>http://www.squid-cache.org/Advisories/SQUID-2010_1.txt</url>
</references>
<dates>
<discovery>2010-01-14</discovery>
<entry>2010-02-01</entry>
</dates>
</vuln>
<vuln vid="696053c6-0f50-11df-a628-001517351c22">
<topic>bugzilla -- information leak</topic>
<affects>

View file

@ -76,7 +76,7 @@
PORTNAME= squid
PORTVERSION= 2.7.${SQUID_STABLE_VER}
PORTREVISION= 2
PORTREVISION= 3
CATEGORIES= www
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \

View file

@ -0,0 +1,38 @@
FreeBSD-Patch for Squid-Advisory 2010:1, prepared by Thomas-Martin Seck,
<tmseck@web.de>, 2010-02-01.
Removed one directory level and the first hunk with CVS meta-information
from the original patch. The original patch can be downloaded from:
http://www.squid-cache.org/Versions/v2/HEAD/changesets/12597.patch
---------------------
PatchSet 12597
Date: 2010/01/15 11:40:30
Author: amosjeffries
Branch: HEAD
Tag: (none)
Log:
Handle DNS header-only packets as invalid.
Members:
lib/rfc1035.c:1.30->1.31
Index: lib/rfc1035.c
===================================================================
RCS file: /cvsroot/squid/squid/lib/rfc1035.c,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- lib/rfc1035.c 15 Jun 2008 03:49:55 -0000 1.30
+++ lib/rfc1035.c 15 Jan 2010 11:40:30 -0000 1.31
@@ -286,7 +286,9 @@
size_t len;
assert(ns > 0);
do {
- assert((*off) < sz);
+ if ((*off) >= sz) {
+ return 1;
+ }
c = *(buf + (*off));
if (c > 191) {
/* blasted compression */