From 72c3581ea5ba5bf6c6aa799ba22e64665b336cd6 Mon Sep 17 00:00:00 2001
From: Lubos Uhliarik
Date: Wed, 31 Mar 2021 20:31:04 +0200
Subject: [PATCH 1/3] new version 4.14

Resolves: #1939927 - CVE-2020-25097 squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling
---
 sources | 4 ++--
 squid.spec | 9 +++++++--
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/sources b/sources
index b026e38..44e9f71 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (squid-4.13.tar.xz) = 06807f82ed01e12afe2dd843aa0a94f69c351765b1889c4c5c3da1cf2ecb06ac3a4be6a24a62f04397299c8fc0df5397f76f64df5422ff78b37a9382d5fdf7fc
-SHA512 (squid-4.13.tar.xz.asc) = be1265376927dcb3c96ea0c8c1b0f1d6bd7e3deb0fdd38ff80030c31f53f77345a8b8564c6b8cc79d7449aa361d4bdf1ba10d02f5f08af245ee35b484977b93a
+SHA512 (squid-4.14.tar.xz) = 3509caea9e10ea54547eeb769a21f0ca4d37e39a063953821fc51d588b22facfa183d0a48be9ab15831ee646e031079b515c75162515b8a4e7c708df2d41958b
+SHA512 (squid-4.14.tar.xz.asc) = a556e5f20e25e598375e3a6d8a300a1e35b29c89b8125f31d3fb16f1f59f538548f7f2e7424f06fc957e330cca8f16e0efe534a4772699454cd1778a82d4647d
 SHA512 (pgp.asc) = 09f7012030d68831dfc083d67ca63ee54ed851482ca8d0e9505b444ee3e7ddeed62369b53f2917c9b2e0e57cc0533fce46e8cafd2ebcd1c6cb186b516efd0ad2
diff --git a/squid.spec b/squid.spec
index 140ad3f..1e48fd8 100644
--- a/squid.spec
+++ b/squid.spec
@@ -1,8 +1,8 @@
 %define __perl_requires %{SOURCE98}
 Name: squid
-Version: 4.13
-Release: 3%{?dist}
+Version: 4.14
+Release: 1%{?dist}
 Summary: The Squid proxy caching server
 Epoch: 7
 # See CREDITS for breakdown of non GPLv2+ code
@@ -300,6 +300,11 @@ fi
 %changelog
+* Wed Mar 31 2021 Lubos Uhliarik - 7:4.14-1
+- new version 4.14
+- Resolves: #1939927 - CVE-2020-25097 squid: improper input validation may allow
+ a trusted client to perform HTTP Request Smuggling
+
 * Wed Jan 27 2021 Fedora Release Engineering - 7:4.13-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
From 815e336e3888ac3459828dda089a8e352e422003 Mon Sep 17 00:00:00 2001 From: Lubos Uhliarik Date: Wed, 31 Mar 2021 20:41:52 +0200 Subject: [PATCH 2/3] - fix perlpath patch --- squid-3.0.STABLE1-perlpath.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/squid-3.0.STABLE1-perlpath.patch b/squid-3.0.STABLE1-perlpath.patch index 087469d..9cb5e81 100644 --- a/squid-3.0.STABLE1-perlpath.patch +++ b/squid-3.0.STABLE1-perlpath.patch @@ -6,5 +6,5 @@ index 4cb0480..4b89910 100755 -#!/usr/local/bin/perl -Tw +#!/usr/bin/perl -Tw # - # * Copyright (C) 1996-2020 The Squid Software Foundation and contributors + # * Copyright (C) 1996-2021 The Squid Software Foundation and contributors # * From ddc997457b39ba3e6dc4e68756bf97deea68dfe7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lubo=C5=A1=20Uhliarik?= Date: Wed, 2 Jun 2021 14:44:09 +0200 Subject: [PATCH 3/3] new version 4.15 --- sources | 4 ++-- squid-gcc11.patch | 8 ++++---- squid.spec | 5 ++++- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/sources b/sources index 44e9f71..2af1d3f 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (squid-4.14.tar.xz) = 3509caea9e10ea54547eeb769a21f0ca4d37e39a063953821fc51d588b22facfa183d0a48be9ab15831ee646e031079b515c75162515b8a4e7c708df2d41958b -SHA512 (squid-4.14.tar.xz.asc) = a556e5f20e25e598375e3a6d8a300a1e35b29c89b8125f31d3fb16f1f59f538548f7f2e7424f06fc957e330cca8f16e0efe534a4772699454cd1778a82d4647d +SHA512 (squid-4.15.tar.xz) = 8f0ce6e30dd9173927e8133618211ffb865fb5dde4c63c2fb465e2efccda4a6efb33f2c0846870c9b915340aff5f59461a60171882bcc0c890336b846fe60bd1 +SHA512 (squid-4.15.tar.xz.asc) = f6585badac7345e057081f313178c738b55f89d6ddab24603b522555bf4114b941256793dc3f27d604fc58c3f8606c2e8ae4e64ff56617d4d2527c1722713007 SHA512 (pgp.asc) = 09f7012030d68831dfc083d67ca63ee54ed851482ca8d0e9505b444ee3e7ddeed62369b53f2917c9b2e0e57cc0533fce46e8cafd2ebcd1c6cb186b516efd0ad2 diff --git a/squid-gcc11.patch b/squid-gcc11.patch index c87ade5..e18cc37 100644 
--- a/squid-gcc11.patch +++ b/squid-gcc11.patch @@ -1,5 +1,5 @@ diff --git a/src/acl/ConnMark.cc b/src/acl/ConnMark.cc -index 1fdae0c..213cf39 100644 +index 3b6ad0f..1ff8bf8 100644 --- a/src/acl/ConnMark.cc +++ b/src/acl/ConnMark.cc @@ -15,6 +15,7 @@ @@ -8,10 +8,10 @@ index 1fdae0c..213cf39 100644 #include "sbuf/Stream.h" +#include - bool - Acl::ConnMark::empty() const + #include + diff --git a/src/security/ServerOptions.cc b/src/security/ServerOptions.cc -index 5cd81ab..3f73892 100644 +index 9098b69..136cdf2 100644 --- a/src/security/ServerOptions.cc +++ b/src/security/ServerOptions.cc @@ -6,6 +6,7 @@ diff --git a/squid.spec b/squid.spec index 1e48fd8..a12e598 100644 --- a/squid.spec +++ b/squid.spec @@ -1,7 +1,7 @@ %define __perl_requires %{SOURCE98} Name: squid -Version: 4.14 +Version: 4.15 Release: 1%{?dist} Summary: The Squid proxy caching server Epoch: 7 @@ -300,6 +300,9 @@ fi %changelog +* Wed Jun 02 2021 Luboš Uhliarik - 7:4.15-1 +- new version 4.15 + * Wed Mar 31 2021 Lubos Uhliarik - 7:4.14-1 - new version 4.14 - Resolves: #1939927 - CVE-2020-25097 squid: improper input validation may allow