mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 04:17:25 +00:00
3183e67999
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-41317 Pick the v4 patch referenced in the nvd report. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
27 lines
1.1 KiB
Diff
27 lines
1.1 KiB
Diff
From 745d5d5a6d10731656adfc2b1b4d16ef208dd073 Mon Sep 17 00:00:00 2001
|
|
From: Amos Jeffries <yadij@users.noreply.github.com>
|
|
Date: Wed, 17 Aug 2022 23:32:43 +0000
|
|
Subject: [PATCH] Fix typo in manager ACL (#1113)
|
|
|
|
CVE: CVE-2022-41317
|
|
Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/2c5d2de9bdcd25d1127987f8f76c986ab5bfb6da]
|
|
|
|
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
|
---
|
|
src/cf.data.pre | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/cf.data.pre b/src/cf.data.pre
|
|
index 4aef432..f15d56b 100644
|
|
--- a/src/cf.data.pre
|
|
+++ b/src/cf.data.pre
|
|
@@ -1001,7 +1001,7 @@ DEFAULT: ssl::certUntrusted ssl_error X509_V_ERR_INVALID_CA X509_V_ERR_SELF_SIGN
|
|
DEFAULT: ssl::certSelfSigned ssl_error X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
|
|
ENDIF
|
|
DEFAULT: all src all
|
|
-DEFAULT: manager url_regex -i ^cache_object:// +i ^https?://[^/]+/squid-internal-mgr/
|
|
+DEFAULT: manager url_regex -i ^cache_object:// +i ^[^:]+://[^/]+/squid-internal-mgr/
|
|
DEFAULT: localhost src 127.0.0.1/32 ::1
|
|
DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1/128 ::/128
|
|
DEFAULT_DOC: ACLs all, manager, localhost, and to_localhost are predefined.
|