Date: Sat, 22 Jan 2005 09:31:33 +0000 (UTC) From: Edwin Groothuis <edwin@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/www/squid Makefile distinfo Message-ID: <200501220931.j0M9VX6G052691@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
edwin 2005-01-22 09:31:33 UTC
FreeBSD ports repository
Modified files:
www/squid Makefile distinfo
Log:
[Maintainer/security] www/squid: protect against HTTP resonse split
attack and other patches
Integrate vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
- FTP data connection fails on some FTP servers when requesting
a directory without a trailing slash (squid bug #1194)
- Icons fail to load on non-anonymous FTP when using the
short_icons_url configuration directive (squid bug #1203)
- Strengthen squid against HTTP response splitting cache pollution
attacks (squid bug #1200), classified as security issue by
the vendor
Proposed VuXML information, entry date left to be filled in:
(Note: I added only a publically accessible link to the Sanctum,
Inc. whitepaper, the squid bug tracker contains a deep link
to the PDF itself; if we are allowed to publish it, it could
instead be used as reference because Sanctum, Inc. wants you
to register with them before you get access to their whitepapers.)
PR: ports/76550
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de>
Revision Changes Path
1.151 +5 -2 ports/www/squid/Makefile
1.115 +6 -0 ports/www/squid/distinfo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501220931.j0M9VX6G052691>