rpms/squidGuard/devel squidGuard-1.4-20091015.patch, NONE, 1.1 squidGuard-1.4-20091019.patch, NONE, 1.1 squidGuard.spec, 1.21, 1.22
Jon Ciesla
limb at fedoraproject.org
Mon Oct 26 13:30:17 UTC 2009
Author: limb
Update of /cvs/pkgs/rpms/squidGuard/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv6141
Modified Files:
squidGuard.spec
Added Files:
squidGuard-1.4-20091015.patch squidGuard-1.4-20091019.patch
Log Message:
Applying upstream patches for CVE-2009-3700, BZ 530862.
squidGuard-1.4-20091015.patch:
sgLog.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
--- NEW FILE squidGuard-1.4-20091015.patch ---
--- src/sgLog.c 2007-11-16 10:58:32.000000000 -0600
+++ src/sgLog.c 2009-10-15 14:25:14.000000000 -0500
@@ -5 +5 @@
- This software product, squidGuard, is copyrighted (C) 1998-2007
+ This software product, squidGuard, is copyrighted (C) 1998-2009
@@ -58,2 +58,2 @@
- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
- fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno));
+ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
+ fprintf(stderr,"overflow in vsnprintf (sgLog): %s",strerror(errno));
@@ -90,2 +90,2 @@
- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
- sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno));
+ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
+ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
@@ -107,2 +107,2 @@
- if(vsprintf(msg, format, ap) > (MAX_BUF - 1))
- return;
+ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1))
+ sgLog(globalErrorLog, "overflow in vsnprintf (sgLogError): %s",strerror(errno));
squidGuard-1.4-20091019.patch:
sgDiv.c.in | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- NEW FILE squidGuard-1.4-20091019.patch ---
--- src/sgDiv.c.in 2008-07-14 11:02:43.000000000 -0500
+++ src/sgDiv.c.in 2009-10-19 14:26:04.000000000 -0500
@@ -748 +748 @@
- strcat(buf, req->orig);
+ strncat(buf, req->orig, 2048);
--- src/sg.h.in 2007-11-16 10:58:32.000000000 -0600
+++ src/sg.h.in 2009-10-19 14:25:23.000000000 -0500
@@ -76 +76 @@
-#define MAX_BUF 4096
+#define MAX_BUF 12288
Index: squidGuard.spec
===================================================================
RCS file: /cvs/pkgs/rpms/squidGuard/devel/squidGuard.spec,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -p -r1.21 -r1.22
--- squidGuard.spec 21 Oct 2009 19:35:22 -0000 1.21
+++ squidGuard.spec 26 Oct 2009 13:30:17 -0000 1.22
@@ -7,7 +7,7 @@
Name: squidGuard
Version: 1.4
-Release: 7%{?dist}
+Release: 8%{?dist}
Summary: Filter, redirector and access controller plugin for squid
Group: System Environment/Daemons
@@ -35,6 +35,8 @@ Patch3: squidGuard-perlwarning.patch
#Patch4: squidGuard-sed.patch
Patch5: squidGuard-makeinstall.patch
#Patch6: squidGuard-1.3-SG-2008-06-13.patch
+Patch7: squidGuard-1.4-20091015.patch
+Patch8: squidGuard-1.4-20091019.patch
URL: http://www.squidguard.org/
@@ -79,6 +81,8 @@ Neither squidGuard nor Squid can be used
#%patch4 -p1
%patch5 -p1
#%patch6 -p0
+%patch7 -p0
+%patch8 -p0
%{__cp} %{SOURCE100} ./squidGuard.conf.k12ltsp.template
%{__cp} %{SOURCE101} ./update_squidguard_blacklists.k12ltsp.sh
@@ -196,6 +200,9 @@ fi
%{_localstatedir}/log/squid/squidGuard.log
%changelog
+* Mon Oct 26 2009 Jon Ciesla <limb at jcomserv.net> - 1.4-8
+- Applying upstream patches for CVE-2009-3700, BZ 530862.
+
* Thu Sep 24 2009 Jon Ciesla <limb at jcomserv.net> - 1.4-7
- Make squidGuard.cgi config(noreplace)
- Relocated logs, updated logrotate file.
@@ -225,7 +232,7 @@ fi
- Update to 1.3.
- Dropped paths, sed patches, applied upstream.
- New SG-2008-06-13 patch.
-
+
* Wed Feb 11 2009 Jon Ciesla <limb at jcomserv.net> - 1.2.1-2
- Fix sg-2008-06-13, BZ 452467.
More information about the fedora-extras-commits
mailing list