webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 11:43:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

squid: Patch SQUID-2016:3/CVE-2016-3947

Browse Source 
http://www.squid-cache.org/Advisories/SQUID-2016_3.txt

 Due to a buffer overrun Squid pinger binary is vulnerable to
 denial of service or information leak attack when processing
 ICMPv6 packets.

 This bug also permits the server response to manipulate other
 ICMP and ICMPv6 queries processing to cause information leak.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
2016-04-05 22:52:54 +01:00
parent 52b08bc1ea
commit bdb319c0ca
2 changed files with 52 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lfs/squid
View File

@@ -73,6 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13228.patch
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4.14-fix-max-file-descriptors.patch
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13230.patch
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13232.patch
cd $(DIR_APP) && autoreconf -vfi
cd $(DIR_APP)/libltdl && autoreconf -vfi