Revisions of squid
- Do not try to set special permissions for basic_pam_auth (bsc#1197649)
- Fix upgrade path from squid 4.x where we replaced some symlinks with directories in pretrans section (bsc#1197333) - old_nettle_compat.patch: refresh patch
Automatic submission by obs-autosubmit
- Adjust harden_squid.service.patch to resolve boo#1193938
- transition to squid 5.x. This is a major release and for changes and how to transition from 4.x, see the release notes, http://www.squid-cache.org/Versions/v5/RELEASENOTES.html - update to 5.2 * fixes issues with WCCP protocol that may lead to information disclosure (bsc#1189403, CVE-2021-28116) - drop unused BR: db-devel, ed, opensp-devel, pkgconfig(kdb) - new BR: pkgconfig(tdb)
Automatic submission by obs-autosubmit
Adding bug and CVE references only
- re-add older SLES12 requirements so we can use one devel project for all codestreams - fix previous change to reinstante permissions macros, because the wrong path has been used (bsc#1171569). - use libexecdir instead of libdir to conform to recent changes in Factory (bsc#1171164).
- Reinstate permissions macros for pinger binary, because the permissions package is also responsible for setting up the cap_net_raw capability, currently a fresh squid install doesn't get a capability bit at all (bsc#1171569).
Automatic submission by obs-autosubmit
- squid 4.13: * Enforce token characters for field-name (#700) * Fix livelocking in peerDigestHandleReply (#698) (bsc#1175671) * Improve Transfer-Encoding handling (#702) (bsc#1175665, CVE-2020-15811) * Forbid obs-fold and bare CR whitespace in framing header fields (#701) * Source Format Enforcement * Enforce token characters for field-name (#700) (bsc#1175664, CVE-2020-15810) * Do not stall while debugging a scan of an empty store_table (#699) * Fix livelocking in peerDigestHandleReply (#698) * Honor on_unsupported_protocol for intercepted https_port (#689) * Bug #5051: Some collapsed revalidation responses never expire (#683) * SslBump: Support parsing GREASEd (and future) TLS handshakes (#663)
Only add missing CVE and bugnumber * HTTP: validate Content-Length value prefix (CVE-2020-15049, bsc#1173455)
Displaying revisions 21 - 40 of 122