squid: security bump to version 3.5.17

Fixes:
SQUID-2016:5 (CVE-2016-4051) - Buffer overflow in cachemgr.cgi
SQUID-2016:6 (CVE-2016-4052) - Multiple issues in ESI processing.
CVE-2016-4053 & CVE-2016-4054 which are part of SQUID-2016:6.

Switch to xz-compressed tarball as well.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/package/squid/squid.hash b/package/squid/squid.hash
index 37cfaa174dc8403a25443b4813fee89be7c4afc3..4f0090e87d2cb36350ebb894067583795488e7bd 100644 (file)
--- a/package/squid/squid.hash
+++ b/package/squid/squid.hash
@@ -1,3 +1,3 @@
-# From http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.16.tar.bz2.asc
-md5 ab9c92f4a579e056cd8afafa0a95f612  squid-3.5.16.tar.bz2
-sha1 f3a2b8a7451b79d24e8fd166306e2c7248ef3be9  squid-3.5.16.tar.bz2
+# From http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.17.tar.xz.asc
+md5    2dc73cc01e77b1bd16d9070780ae79b1        squid-3.5.17.tar.xz
+sha1   8ef6fe7d778df9538a4aa29d7e8ace52246e7a23        squid-3.5.17.tar.xz

diff --git a/package/squid/squid.mk b/package/squid/squid.mk
index b2e0c9806d025c3496f686fc877046db5714443a..1d601b5e1722360dc02b1539d66d03f8a7636205 100644 (file)
--- a/package/squid/squid.mk
+++ b/package/squid/squid.mk
@@ -5,8 +5,8 @@
 ################################################################################
 
 SQUID_VERSION_MAJOR = 3.5
-SQUID_VERSION = $(SQUID_VERSION_MAJOR).16
-SQUID_SOURCE = squid-$(SQUID_VERSION).tar.bz2
+SQUID_VERSION = $(SQUID_VERSION_MAJOR).17
+SQUID_SOURCE = squid-$(SQUID_VERSION).tar.xz
 SQUID_SITE = http://www.squid-cache.org/Versions/v3/$(SQUID_VERSION_MAJOR)
 SQUID_LICENSE = GPLv2+
 SQUID_LICENSE_FILES = COPYING