diff -Nru squid3-3.3.8/debian/changelog squid3-3.3.8/debian/changelog --- squid3-3.3.8/debian/changelog 2016-04-14 12:06:23.000000000 -0400 +++ squid3-3.3.8/debian/changelog 2016-05-24 15:42:41.000000000 -0400 @@ -1,3 +1,10 @@ +squid3 (3.3.8-1ubuntu6.8) trusty; urgency=medium + + * debian/patches/bug3498.patch: Fix body_pipe == NULL case in + readStor(). Closes LP: #1423498. + + -- Nishanth Aravamudan Tue, 24 May 2016 15:42:32 -0400 + squid3 (3.3.8-1ubuntu6.7) trusty; urgency=medium [ Stanislav German-Evtushenko ] diff -Nru squid3-3.3.8/debian/patches/bug3498.patch squid3-3.3.8/debian/patches/bug3498.patch --- squid3-3.3.8/debian/patches/bug3498.patch 1969-12-31 19:00:00.000000000 -0500 +++ squid3-3.3.8/debian/patches/bug3498.patch 2016-05-24 15:42:25.000000000 -0400 @@ -0,0 +1,21 @@ +Description: Fix body_pipe == NULL case in readStor() +Author: Nishanth Aravamudan +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1423498 +Origin: upstream, https://github.com/squid-cache/squid/commit/fbae2055105819ff71f76475e1412b94fafc9e8b +Bug: http://bugs.squid-cache.org/show_bug.cgi?id=3498 + +--- squid3-3.3.8.orig/src/ftp.cc ++++ squid3-3.3.8/src/ftp.cc +@@ -3088,6 +3088,12 @@ void FtpStateData::readStor() + debugs(9, 3, HERE); + + if (code == 125 || (code == 150 && Comm::IsConnOpen(data.conn))) { ++ if (!originalRequest()->body_pipe) { ++ debugs(9, 3, "zero-size STOR?"); ++ state = WRITING_DATA; // make ftpWriteTransferDone() responsible ++ dataComplete(); // XXX: keep in sync with doneSendingRequestBody() ++ return; ++ } + if (!startRequestBodyFlow()) { // register to receive body data + ftpFail(this); + return; diff -Nru squid3-3.3.8/debian/patches/series squid3-3.3.8/debian/patches/series --- squid3-3.3.8/debian/patches/series 2016-03-04 14:58:43.000000000 -0500 +++ squid3-3.3.8/debian/patches/series 2016-05-24 15:41:05.000000000 -0400 @@ -14,3 +14,4 @@ CVE-2014-6270.patch CVE-2015-3455.patch CVE-2016-2571.patch +bug3498.patch