Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 11 Apr 2013 00:29:37 GMT
From:      Kan Sasaki <sasaki@fcc.ad.jp>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/177773: [patch] www/squid: vendor fix for CVE-2012-5643
Message-ID:  <201304110029.r3B0TbEC027406@red.freebsd.org>
Resent-Message-ID: <201304110030.r3B0U1G9067417@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         177773
>Category:       ports
>Synopsis:       [patch] www/squid: vendor fix for CVE-2012-5643
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 11 00:30:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Kan Sasaki
>Release:        FreeBSD 9.1-STABLE amd64
>Organization:
>Environment:
>Description:
Add an additional vendor patch to fix the DoS condition in cachemgr.cgi (SQUID-2012:1, CVE-2012-5643).
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

Index: Makefile
===================================================================
--- Makefile	(revision 315774)
+++ Makefile	(working copy)
@@ -108,8 +108,8 @@
 		http://www1.jp.squid-cache.org/%SUBDIR%/ \
 		http://www2.tw.squid-cache.org/%SUBDIR%/
 PATCH_SITE_SUBDIR=	Versions/v2/2.7/changesets
-PATCH_DIST_STRIP=	-p1
-PATCHFILES=	# empty
+#PATCH_DIST_STRIP=	-p1
+PATCHFILES=	SQUID-2012_1.patch
 
 MAINTAINER=	tmseck@FreeBSD.org
 COMMENT=	HTTP Caching Proxy
Index: distinfo
===================================================================
--- distinfo	(revision 315774)
+++ distinfo	(working copy)
@@ -1,2 +1,4 @@
 SHA256 (squid2.7/squid-2.7.STABLE9.tar.bz2) = c0bdfcb5bb68debc1c9441308178bf148c67979b824c892a4710dc80a5b05d5e
 SIZE (squid2.7/squid-2.7.STABLE9.tar.bz2) = 1351366
+SHA256 (squid2.7/SQUID-2012_1.patch) = a456ed7a45fbecd94a4c68c0e72905135c4424c41c01ab858dc8c5760ee03a6f
+SIZE (squid2.7/SQUID-2012_1.patch) = 4804


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201304110029.r3B0TbEC027406>