Date: Wed, 27 Aug 2014 22:13:03 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 192828] [new port] add squid34 to ports Message-ID: <bug-192828-13-YCimPm6S3E@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-192828-13@https.bugs.freebsd.org/bugzilla/> References: <bug-192828-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192828 --- Comment #37 from Dennis Glatting <freebsd@pki2.com> --- Created attachment 146412 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=146412&action=edit Updates www/squid34 to 3.4.7 Version 3.4.7 was released today. Attached is an updated shar file. I am running this version on one of my active servers but only for the last hour. I am NOT a Kerberos site. There is a CVE against 3.4.6 /and/ the 3.3 version in ports but 3.4.7 is fixed. The impacted version also includes 3.4.6 previously posted here but another change set is all that is needed. * CVE-2014-3609 : SQUID-2014:2 Denial of service in request processing http://www.squid-cache.org/Advisories/SQUID-2014_2.txt This vulnerability allows any client who is allowed to use the proxy to perform a denial of service attack on Squid. This issue is particularly impacting reverse-proxy installations. A simple squid.conf workaround is available for quick use and those unable to upgrade. See the Advisory notice for details. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-192828-13-YCimPm6S3E>