From patchwork Mon Oct 18 20:36:02 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?=
 <peter.mueller@ipfire.org>
X-Patchwork-Id: 4799
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384
	 client-signature ECDSA (P-384) client-digest SHA384)
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4HY7vg6xl3z3wcq
	for <patchwork@web04.haj.ipfire.org>; Mon, 18 Oct 2021 20:36:47 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384)
	 client-signature ECDSA (P-384))
	(Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4HY7vf65xDz1Tx;
	Mon, 18 Oct 2021 20:36:46 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4HY7vf5825z2yd3;
	Mon, 18 Oct 2021 20:36:46 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384)
 client-signature ECDSA (P-384))
 (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
 by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4HY7vd1kYvz2xZP
 for <development@lists.ipfire.org>; Mon, 18 Oct 2021 20:36:45 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384)
 (No client certificate requested)
 by mail01.ipfire.org (Postfix) with ESMTPSA id 4HY7vS2RNfz4q
 for <development@lists.ipfire.org>; Mon, 18 Oct 2021 20:36:30 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
 t=1634589404;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding;
 bh=buX8hgk/z5CYXnuJT40L+PncezOgf3qtg/rkkcajSnk=;
 b=WnZ+G7W7nk3CUhybH3rC1LDcJu8pM9HFUM1oFEzrW2/WryigKSyzOSrFyWJ1M4vQNSYPKc
 ARASUKGGSVjy4r4YU4vIxiveBhnE2cnCon4ZMHjnaqfGuTKOQB7swzLiodwr86iOxKJPua
 JJFheX4ZVqRQyYG6EOdO1eeFzYh47Bp/wcKveTq8Ax0q8kw9ovLcuk8TmokuGjiaHSPQ+d
 NBV8BsZDWDQNTFvOUOMNSD5A08ExomhQ/3qPpSdMpow4JBz4OZ7DAnPe4IO7tEmSKvMbaF
 mB2iPRZmU6tCf+rYliKWJk4MjNPu0BiS/LKRk358l0zbkKxxoMcRAn4w8wVAEw==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003ed25519; t=1634589404;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding;
 bh=buX8hgk/z5CYXnuJT40L+PncezOgf3qtg/rkkcajSnk=;
 b=ioFoeLw4qpz7jfNS8zG/FbooYrkTlWlujXacGHpbmrTJh5FTHSfQdLv3GVMnY4o9wkcF06
 AdS7gU7jkq1X2oCg==
To: "IPFire: Development" <development@lists.ipfire.org>
From: =?utf-8?q?Peter_M=C3=BCller?= <peter.mueller@ipfire.org>
Subject: [PATCH] squid-asnbl: update to 0.2.3
Message-ID: <b00a68ac-2844-6d51-9452-509ffad0416a@ipfire.org>
Date: Mon, 18 Oct 2021 22:36:02 +0200
MIME-Version: 1.0
Content-Language: en-US
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
 <mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <http://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
 <mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

Upstream commit 500b9137d0a9dd31e40f0d1effdba0aafeb94ca4 changes the
behaviour of this script in case of invalid or unresolvable FQDNs,
preventing Squid from eventually shutting down due to too many BH's per
time.

Since this allows (authenticated) users to run a DoS against the Squid
instance, it is considered to be security relevant.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
 lfs/squid-asnbl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lfs/squid-asnbl b/lfs/squid-asnbl
index 3fc001768..9bb7ef198 100644
--- a/lfs/squid-asnbl
+++ b/lfs/squid-asnbl
@@ -25,7 +25,7 @@
 
 include Config
 
-VER        = 0.2.2
+VER        = 0.2.3
 
 THISAPP    = squid-asnbl-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = d62be77baa30b16d1c2362460123d6c0
+$(DL_FILE)_MD5 = cf0a269215f06f487d1ed488ea463d6b
 
 install : $(TARGET)