From 3401e29aa7643bfba29e80c23cf5c613a0160d73 Mon Sep 17 00:00:00 2001 From: Josef Schlehofer Date: Thu, 16 Jul 2020 19:47:29 +0200 Subject: squid: update to version 4.12 - Fixes CVEs: CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12523 CVE-2019-12524 CVE-2019-12525 CVE-2019-12526 CVE-2019-12527 CVE-2019-12528 CVE-2019-12529 CVE-2019-12824 CVE-2019-12854 CVE-2019-13345 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2020-8449 CVE-2020-8450 CVE-2020-11945 CVE-2020-14058 CVE-2020-15049 - Remove patch for cross-compilation The patch should not be included in the OpenWrt at all without any commit message/description. Is not needed and there should be used HOST variables instead of BUILD variables (e.g. HOSTCXX) However, the BUILDCXX is set in Makefile to HOSTCXX - Renumber glibc patch and refresh it Signed-off-by: Josef Schlehofer --- net/squid/patches/001-cross_compile.patch | 22 ---------------------- net/squid/patches/001-glibc-compile.patch | 12 ++++++++++++ net/squid/patches/002-glibc-compile.patch | 12 ------------ 3 files changed, 12 insertions(+), 34 deletions(-) delete mode 100644 net/squid/patches/001-cross_compile.patch create mode 100644 net/squid/patches/001-glibc-compile.patch delete mode 100644 net/squid/patches/002-glibc-compile.patch (limited to 'net/squid/patches') diff --git a/net/squid/patches/001-cross_compile.patch b/net/squid/patches/001-cross_compile.patch deleted file mode 100644 index e392dba71..000000000 --- a/net/squid/patches/001-cross_compile.patch +++ /dev/null @@ -1,22 +0,0 @@ -From fac6f63a52a2f4cbb3748cd5687eca5409093904 Mon Sep 17 00:00:00 2001 -From: Marko Ratkaj -Date: Thu, 20 Apr 2017 15:15:50 +0200 -Subject: [PATCH] foo - -Signed-off-by: Marko Ratkaj ---- - src/Makefile.in | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - ---- a/src/Makefile.in -+++ b/src/Makefile.in -@@ -8385,7 +8385,8 @@ - - # cf_gen builds the configuration files. - cf_gen$(EXEEXT): $(cf_gen_SOURCES) $(cf_gen_DEPENDENCIES) cf_gen_defines.cci -- $(BUILDCXX) $(BUILDCXXFLAGS) -o $@ $(srcdir)/cf_gen.cc -I$(srcdir) -I$(top_builddir)/include/ -I$(top_builddir)/src -+ g++ -o $@ $(srcdir)/cf_gen.cc -I$(srcdir) -I$(top_builddir)/include/ -I$(top_builddir)/src -+ - - # squid.conf.default is built by cf_gen when making cf_parser.cci - squid.conf.default squid.conf.documented: cf_parser.cci diff --git a/net/squid/patches/001-glibc-compile.patch b/net/squid/patches/001-glibc-compile.patch new file mode 100644 index 000000000..fd11e85ce --- /dev/null +++ b/net/squid/patches/001-glibc-compile.patch @@ -0,0 +1,12 @@ +--- a/src/tools.cc ++++ b/src/tools.cc +@@ -582,7 +582,8 @@ enter_suid(void) + } + #else + +- setuid(0); ++ if (setuid(0) < 0) ++ debugs(50, 1, "no_suid: setuid (0)"); + #endif + #if HAVE_PRCTL && defined(PR_SET_DUMPABLE) + /* Set Linux DUMPABLE flag */ diff --git a/net/squid/patches/002-glibc-compile.patch b/net/squid/patches/002-glibc-compile.patch deleted file mode 100644 index 24da83efc..000000000 --- a/net/squid/patches/002-glibc-compile.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/src/tools.cc -+++ b/src/tools.cc -@@ -582,7 +582,8 @@ - } - #else - -- setuid(0); -+ if (setuid(0) < 0) -+ debugs(50, 1, "no_suid: setuid (0)"); - #endif - #if HAVE_PRCTL && defined(PR_SET_DUMPABLE) - /* Set Linux DUMPABLE flag */ -- cgit v1.2.3