new file mode 100644
@@ -0,0 +1,37 @@
+From 77b3fb4df0f126784d5fd4967c28ed40eb8d521b Mon Sep 17 00:00:00 2001
+From: Alex Rousskov <rousskov@measurement-factory.com>
+Date: Wed, 25 Oct 2023 19:41:45 +0000
+Subject: [PATCH] RFC 1123: Fix date parsing (#1538)
+
+The bug was discovered and detailed by Joshua Rogers at
+https://megamansec.github.io/Squid-Security-Audit/datetime-overflow.html
+where it was filed as "1-Byte Buffer OverRead in RFC 1123 date/time
+Handling".
+
+Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b]
+CVE: CVE-2023-49285
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+---
+ lib/rfc1123.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/lib/rfc1123.c b/lib/rfc1123.c
+index 2d889cc..add63f0 100644
+--- a/lib/rfc1123.c
++++ b/lib/rfc1123.c
+@@ -50,7 +50,13 @@ make_month(const char *s)
+ char month[3];
+
+ month[0] = xtoupper(*s);
++ if (!month[0])
++ return -1; // protects *(s + 1) below
++
+ month[1] = xtolower(*(s + 1));
++ if (!month[1])
++ return -1; // protects *(s + 2) below
++
+ month[2] = xtolower(*(s + 2));
+
+ for (i = 0; i < 12; i++)
+--
+2.39.3
@@ -26,6 +26,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.bz2
file://0001-splay.cc-fix-bind-is-not-a-member-of-std.patch \
file://0001-Fix-build-on-Fedora-Rawhide-772.patch \
file://CVE-2023-46847.patch \
+ file://CVE-2023-49285.patch \
"
SRC_URI:remove:toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch"
Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b] Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> --- .../squid/files/CVE-2023-49285.patch | 37 +++++++++++++++++++ .../recipes-daemons/squid/squid_4.15.bb | 1 + 2 files changed, 38 insertions(+) create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2023-49285.patch