pkgsrc-changes: CVS commit: pkgsrc/www/squid

Subject: CVS commit: pkgsrc/www/squid
To: None <pkgsrc-changes@NetBSD.org>
From: Takahiro Kambe <taca@netbsd.org>
List: pkgsrc-changes
Date: 02/11/2005 14:47:18
Module Name:	pkgsrc
Committed By:	taca
Date:		Fri Feb 11 14:47:18 UTC 2005

Modified Files:
	pkgsrc/www/squid: Makefile distinfo
	pkgsrc/www/squid/patches: patch-al patch-cd

Log Message:
Update squid package to 2.5.8 (squid-2.5.STABLE8).

Most of these changes are already included in previous squid-2.5.7nb12.
But last one is really new one.

Changes to squid-2.5.STABLE8 (11 Feb 2005)

	- [Minor] 100% CPU usage on half-closed PUT/POST requests (Bug #354,
	  #1096)
	- [Cosmetic] Document -v (protocol version) option to LDAP helpers
	- [Minor] The new req_header and resp_header acls segfaults
	  immediately on parse of squid.conf (Bug #961)
	- [Minor] Failure to shut down busy helpers on -k rotate/reconfigure
	  (Bug #1118)
	- [Minor] Don't use O_NONBLOCK on disk files. (Bug #1102)
	- [Minor] Squid fails to close TCP connection after blank HTTP
	  response (Bug #1116)
	- [Minor security] Random error messages in response to malformed
	  host name (Bug #1143)
	- [Minor] PURGE should not be able to delete internal objects
	  (Bug #1112)
	- [Minor] httpd_accel_port 0 (virtual) not working correctly (Bug
	  #1121)
	- [Minor] cachemgr vm_objects segfault (Bug #1149)
	- [Minor security] Confusing results on empty acl declarations (Bug
	  #1166)
	- [Minor] Don't close all "other" filedescriptors on startup (Bug
	  #1177)
	- [Minor] fakeauth_auth memory leak and NULL pointer access (Bug
	  #1183)
	- [Security] buffer overflow bug in gopherToHTML() (Bug #1189)
	- [Medium security] Denial of service with forged WCCP messages
	  (Bug #1190)
	- [Minor] DNS related memory leak on certain malformed DNS responses
	  (Bug #1197)
	- [Minor] Internal DNS sometimes truncates host names in reverse
	  (PTR) lookups (Bug #1136)
	- [Minor Security] Add sanity checks on LDAP user names (Bug #1187)
	- [Security] Harden Squid agains HTTP request smuggling attacks
	- [Minor] Icon URLs fails in non-anonymous FTP directory listings is
	  short_icon_urls is on (Bug #1203)
	- [Security] Harden Squid agains HTTP response splitting attacks
	  (Bug #1200)
	- [Medium security] Buffer overflow in WCCP recvfrom() call
	  (Bug #1217)
	- [Security] Properly handle oversized reply headers (Bug #1216)
	- [Minor] LDAP helpers search fixed to properly ask for no attributes
	- [Minor] A sporadic segmentation fault when using ntlm authentication
	  fixed (Bug #1127)
	- [Major] Segmentation fault on failed PUT/POST requests (Bug #1224)
	- [Medium] Persistent connection mismatch on failed PUT/POST request
	  (Bug #1122)
	- [Minor] WCCP easily disturbed by forged packets (Bug #1225)
	- [Minor] Password management in ftp:// gatewaying improved (Bug #1226)
	- [Major] HTTP reply data corruption in certain situations involving
	  reply headers split over multiple packets (Bug #1233)


To generate a diff of this commit:
cvs rdiff -r1.133 -r1.134 pkgsrc/www/squid/Makefile
cvs rdiff -r1.79 -r1.80 pkgsrc/www/squid/distinfo
cvs rdiff -r1.5 -r1.6 pkgsrc/www/squid/patches/patch-al
cvs rdiff -r1.4 -r1.5 pkgsrc/www/squid/patches/patch-cd

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.