From 0e388424c6285860d6081c6706e95e3a94d993f0 Mon Sep 17 00:00:00 2001 From: edwin Date: Sat, 22 Jan 2005 09:31:33 +0000 Subject: [Maintainer/security] www/squid: protect against HTTP resonse split attack and other patches Integrate vendor patches as published on : - FTP data connection fails on some FTP servers when requesting a directory without a trailing slash (squid bug #1194) - Icons fail to load on non-anonymous FTP when using the short_icons_url configuration directive (squid bug #1203) - Strengthen squid against HTTP response splitting cache pollution attacks (squid bug #1200), classified as security issue by the vendor Proposed VuXML information, entry date left to be filled in: (Note: I added only a publically accessible link to the Sanctum, Inc. whitepaper, the squid bug tracker contains a deep link to the PDF itself; if we are allowed to publish it, it could instead be used as reference because Sanctum, Inc. wants you to register with them before you get access to their whitepapers.) PR: ports/76550 Submitted by: Thomas-Martin Seck --- www/squid/Makefile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'www/squid/Makefile') diff --git a/www/squid/Makefile b/www/squid/Makefile index c0dae01f7424..62936694a16b 100644 --- a/www/squid/Makefile +++ b/www/squid/Makefile @@ -74,7 +74,7 @@ PORTNAME= squid PORTVERSION= 2.5.7 -PORTREVISION= 7 +PORTREVISION= 8 CATEGORIES= www MASTER_SITES= \ ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \ @@ -102,7 +102,10 @@ PATCHFILES= squid-2.5.STABLE7-half_closed_POST.patch \ squid-2.5.STABLE7-wccp_denial_of_service.patch \ squid-2.5.STABLE7-dns_memleak.patch \ squid-2.5.STABLE7-fqdn_truncated.patch \ - squid-2.5.STABLE7-ldap_spaces.patch + squid-2.5.STABLE7-ldap_spaces.patch \ + squid-2.5.STABLE7-ftp_datachannel.patch \ + squid-2.5.STABLE7-short_icons_urls.patch \ + squid-2.5.STABLE7-response_splitting.patch PATCH_DIST_STRIP= -p1 MAINTAINER= tmseck@netcologne.de -- cgit