Add official patch-20091015, quote from Readme.Patch-20091015.
Bump PKGREVISION. Introduction: ============= This patch fixes one buffer overflow problem in sgLog.c when overlong URLs are requested. SquidGuard will then go into emergency mode were no blocking occurs. This is not required in this situation. The URLs must be build with a overlong sequence of slashes (/). ATTENTION: While squidGuard will no longer go into emergeny mode when one overlong URL is passed to it, it is possible to use the overlong URL to bypass the filter. This vulnerability is not fixed by this patch! You can check if this vulnerability is actually exploited on your system by checking the logfile squidGuard.log for the following warning (provided you have not used the option --with-nolog=yes with configure before compiling squidguard): Warning: Possible bypass attempt. Found multiple slashes where only one is expected:
This commit is contained in:
taca
parent
353a06b625
commit
a7f27b2d10
2 changed files with 14 additions and 3 deletions
|
|
@ -1,12 +1,16 @@
|
|||
# $NetBSD: Makefile,v 1.18 2009/08/31 08:55:31 adam Exp $
|
||||
# $NetBSD: Makefile,v 1.19 2009/10/17 01:50:38 taca Exp $
|
||||
|
||||
DISTNAME= squidGuard-1.4
|
||||
PKGREVISION= 1
|
||||
CATEGORIES= www
|
||||
MASTER_SITES= http://www.squidguard.org/Downloads/
|
||||
MASTER_SITES= http://www.squidguard.org/Downloads/ \
|
||||
http://www.squidguard.org/Downloads/Patches/1.4/
|
||||
DISTFILES= ${DEFAULT_DISTFILES} squidGuard-1.4-patch-20091015.tar.gz
|
||||
|
||||
MAINTAINER= zuntum@NetBSD.org
|
||||
HOMEPAGE= http://www.squidguard.org/
|
||||
COMMENT= Ultrafast and free filter, redirector and access controller for Squid
|
||||
LICENSE= gnu-gpl-v2
|
||||
|
||||
.include "../../www/squid/Makefile.common"
|
||||
|
||||
|
|
@ -45,6 +49,10 @@ INSTALLATION_DIRS+= bin ${EGDIR}
|
|||
|
||||
CGIBINDIR?= ${PREFIX}/libexec/cgi-bin/
|
||||
|
||||
pre-patch:
|
||||
${CP} ${WRKDIR}/squidGuard-1.4-patch-20091015/sgLog.c \
|
||||
${WRKSRC}/src
|
||||
|
||||
do-install:
|
||||
${INSTALL_PROGRAM} ${WRKSRC}/src/squidGuard ${DESTDIR}${PREFIX}/bin
|
||||
${INSTALL_DATA} ${WRKSRC}/samples/sample.conf \
|
||||
|
|
|
|||
|
|
@ -1,5 +1,8 @@
|
|||
$NetBSD: distinfo,v 1.6 2009/08/31 08:55:31 adam Exp $
|
||||
$NetBSD: distinfo,v 1.7 2009/10/17 01:50:38 taca Exp $
|
||||
|
||||
SHA1 (squidGuard-1.4-patch-20091015.tar.gz) = b6ad4c67222463e6bafa002593e947d73929db18
|
||||
RMD160 (squidGuard-1.4-patch-20091015.tar.gz) = 08991337d2966d44dbe2a9a131b26fa881e1e807
|
||||
Size (squidGuard-1.4-patch-20091015.tar.gz) = 2577 bytes
|
||||
SHA1 (squidGuard-1.4.tar.gz) = 0508ccb7db5c656b9952eacbcff2c956c01677d3
|
||||
RMD160 (squidGuard-1.4.tar.gz) = c44880ddbfd7d1ad63fcda1c6ed777f24feedbba
|
||||
Size (squidGuard-1.4.tar.gz) = 1968492 bytes
|
||||
|
|
|
|||
Loading…
Reference in a new issue