packages/squid
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!91 fix CVE-2023-46724

Browse Source 
From: @yangl777 
Reviewed-by: @robertxw 
Signed-off-by: @robertxw
This commit is contained in:
openeuler-ci-bot 2023-11-02 08:20:43 +00:00 committed by Gitee
commit 99c6be497d
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 47 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
backport-CVE-2023-46724.patch Normal file
View File

@ -0,0 +1,39 @@
From b70f864940225dfe69f9f653f948e787f99c3810 Mon Sep 17 00:00:00 2001
From: Andreas Weigel <andreas.weigel@securepoint.de>
Date: Wed, 18 Oct 2023 04:14:31 +0000
Subject: [PATCH] Fix validation of certificates with CN=* (#1523)
The bug was discovered and detailed by Joshua Rogers at
https://megamansec.github.io/Squid-Security-Audit/
where it was filed as "Buffer UnderRead in SSL CN Parsing".
Conflict:NA
Reference:https://github.com/squid-cache/squid/commit/b70f864940225dfe69f9f653f948e787f99c3810
---
src/anyp/Uri.cc | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/anyp/Uri.cc b/src/anyp/Uri.cc
index 3eed2366abd..ef77d4f766b 100644
--- a/src/anyp/Uri.cc
+++ b/src/anyp/Uri.cc
@@ -175,6 +175,10 @@ urlInitialize(void)
assert(0 == matchDomainName("*.foo.com", ".foo.com", mdnHonorWildcards));
assert(0 != matchDomainName("*.foo.com", "foo.com", mdnHonorWildcards));
+ assert(0 != matchDomainName("foo.com", ""));
+ assert(0 != matchDomainName("foo.com", "", mdnHonorWildcards));
+ assert(0 != matchDomainName("foo.com", "", mdnRejectSubsubDomains));
+
/* more cases? */
}
@@ -828,6 +832,8 @@ matchDomainName(const char *h, const char *d, MatchDomainNameFlags flags)
return -1;
dl = strlen(d);
+ if (dl == 0)
+ return 1;
/*
* Start at the ends of the two strings and work towards the

9
squid.spec
View File

@ -2,7 +2,7 @@
Name: squid
Version: 6.1
Release: 2
Release: 3
Summary: The Squid proxy caching server
Epoch: 7
License: GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain)
@ -26,6 +26,7 @@ Patch5: backport-0002-CVE-2023-5824.patch
Patch6: backport-CVE-2023-46846.patch
Patch7: backport-CVE-2023-46847.patch
Patch8: backport-CVE-2023-46848.patch
Patch9: backport-CVE-2023-46724.patch
Requires: bash
Requires: httpd-filesystem
@ -248,6 +249,12 @@ fi
chgrp squid /var/cache/samba/winbindd_privileged >/dev/null 2>&1 || :
%changelog
* Thu Nov 02 2023 yanglu <yanglu72@h-partners.com> - 7:6.1-3
- Type:CVE
- ID:CVE-2023-46724
- SUG:NA
- DESC:fix CVE-2023-46724
* Tue Oct 31 2023 yanglu <yanglu72@h-partners.com> - 7:6.1-2
- Type:cves
- ID:CVE-2023-5824 CVE-2023-46846 CVE-2023-46847 CVE-2023-46848