Message ID | 20240514215636.2866720-1-bernd@kuhls.net |
---|---|
State | Accepted |
Headers | show |
Series | [1/1] package/squid: security bump version to 6.9 | expand |
>>>>> "Bernd" == Bernd Kuhls <bernd@kuhls.net> writes: > Fixes CVE-2024-25111: > https://github.com/squid-cache/squid/security/advisories/GHSA-72c2-c3wm-8qxc > Signed-off-by: Bernd Kuhls <bernd@kuhls.net> > --- > package/squid/squid.hash | 6 +++--- > package/squid/squid.mk | 2 +- > 2 files changed, 4 insertions(+), 4 deletions(-) > diff --git a/package/squid/squid.hash b/package/squid/squid.hash > index 4a8ea5d550..ed78933306 100644 > --- a/package/squid/squid.hash > +++ b/package/squid/squid.hash > @@ -1,6 +1,6 @@ > -# From http://www.squid-cache.org/Versions/v6/squid-6.6.tar.xz.asc > -md5 5a41134ee1b7e75f62088acdec92d2ca squid-6.6.tar.xz > -sha1 f05e06a9dd3bf7501d2844e43d9ae1bd00e9edcc squid-6.6.tar.xz > +# From http://www.squid-cache.org/Versions/v6/squid-6.9.tar.xz.asc > +md5 4888e9dc75c0daa0ed526b34c055cb67 squid-6.9.tar.xz > +sha1 5e73b30116ce7111589cc2b1c9bfe3c17efa2e75 squid-6.9.tar.xz > # Locally calculated > sha256 55bd7f9f4898153161ea1228998acb551bf840832b9e5b90fc8ecd2942420318 squid-6.6.tar.xz You forgot to update the sha256. Committed with that fixed, thanks.
>>>>> "Bernd" == Bernd Kuhls <bernd@kuhls.net> writes: > Fixes CVE-2024-25111: > https://github.com/squid-cache/squid/security/advisories/GHSA-72c2-c3wm-8qxc > Signed-off-by: Bernd Kuhls <bernd@kuhls.net> Committed to 2024.02.x, thanks.
diff --git a/package/squid/squid.hash b/package/squid/squid.hash index 4a8ea5d550..ed78933306 100644 --- a/package/squid/squid.hash +++ b/package/squid/squid.hash @@ -1,6 +1,6 @@ -# From http://www.squid-cache.org/Versions/v6/squid-6.6.tar.xz.asc -md5 5a41134ee1b7e75f62088acdec92d2ca squid-6.6.tar.xz -sha1 f05e06a9dd3bf7501d2844e43d9ae1bd00e9edcc squid-6.6.tar.xz +# From http://www.squid-cache.org/Versions/v6/squid-6.9.tar.xz.asc +md5 4888e9dc75c0daa0ed526b34c055cb67 squid-6.9.tar.xz +sha1 5e73b30116ce7111589cc2b1c9bfe3c17efa2e75 squid-6.9.tar.xz # Locally calculated sha256 55bd7f9f4898153161ea1228998acb551bf840832b9e5b90fc8ecd2942420318 squid-6.6.tar.xz sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/squid/squid.mk b/package/squid/squid.mk index e325c63cb0..60eca397ec 100644 --- a/package/squid/squid.mk +++ b/package/squid/squid.mk @@ -4,7 +4,7 @@ # ################################################################################ -SQUID_VERSION = 6.6 +SQUID_VERSION = 6.9 SQUID_SOURCE = squid-$(SQUID_VERSION).tar.xz SQUID_SITE = http://www.squid-cache.org/Versions/v6 SQUID_LICENSE = GPL-2.0+
Fixes CVE-2024-25111: https://github.com/squid-cache/squid/security/advisories/GHSA-72c2-c3wm-8qxc Signed-off-by: Bernd Kuhls <bernd@kuhls.net> --- package/squid/squid.hash | 6 +++--- package/squid/squid.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-)