Subject: CVS commit: [pkgsrc-2004Q4] pkgsrc/www/squid
To: None <pkgsrc-changes@NetBSD.org>
From: Soren Jacobsen <snj@netbsd.org>
List: pkgsrc-changes
Date: 02/11/2005 23:30:56
Module Name: pkgsrc
Committed By: snj
Date: Fri Feb 11 23:30:56 UTC 2005
Modified Files:
pkgsrc/www/squid [pkgsrc-2004Q4]: Makefile distinfo
pkgsrc/www/squid/patches [pkgsrc-2004Q4]: patch-al patch-cd
Log Message:
Pullup ticket 280 - requested by Takahiro Kambe
update squid
Revisions pulled up:
pkgsrc/www/squid/Makefile 1.134
pkgsrc/www/squid/distinfo 1.80
pkgsrc/www/squid/patches/patch-al 1.6
pkgsrc/www/squid/patches/patch-cd 1.5
Module Name: pkgsrc
Committed By: taca
Date: Fri Feb 11 14:47:18 UTC 2005
Modified Files:
pkgsrc/www/squid: Makefile distinfo
pkgsrc/www/squid/patches: patch-al patch-cd
Log Message:
Update squid package to 2.5.8 (squid-2.5.STABLE8).
Most of these changes are already included in previous squid-2.5.7nb12.
But last one is really new one.
Changes to squid-2.5.STABLE8 (11 Feb 2005)
- [Minor] 100% CPU usage on half-closed PUT/POST requests (Bug #354,
#1096)
- [Cosmetic] Document -v (protocol version) option to LDAP helpers
- [Minor] The new req_header and resp_header acls segfaults
immediately on parse of squid.conf (Bug #961)
- [Minor] Failure to shut down busy helpers on -k rotate/reconfigure
(Bug #1118)
- [Minor] Don't use O_NONBLOCK on disk files. (Bug #1102)
- [Minor] Squid fails to close TCP connection after blank HTTP
response (Bug #1116)
- [Minor security] Random error messages in response to malformed
host name (Bug #1143)
- [Minor] PURGE should not be able to delete internal objects
(Bug #1112)
- [Minor] httpd_accel_port 0 (virtual) not working correctly (Bug
#1121)
- [Minor] cachemgr vm_objects segfault (Bug #1149)
- [Minor security] Confusing results on empty acl declarations (Bug
#1166)
- [Minor] Don't close all "other" filedescriptors on startup (Bug
#1177)
- [Minor] fakeauth_auth memory leak and NULL pointer access (Bug
#1183)
- [Security] buffer overflow bug in gopherToHTML() (Bug #1189)
- [Medium security] Denial of service with forged WCCP messages
(Bug #1190)
- [Minor] DNS related memory leak on certain malformed DNS responses
(Bug #1197)
- [Minor] Internal DNS sometimes truncates host names in reverse
(PTR) lookups (Bug #1136)
- [Minor Security] Add sanity checks on LDAP user names (Bug #1187)
- [Security] Harden Squid agains HTTP request smuggling attacks
- [Minor] Icon URLs fails in non-anonymous FTP directory listings is
short_icon_urls is on (Bug #1203)
- [Security] Harden Squid agains HTTP response splitting attacks
(Bug #1200)
- [Medium security] Buffer overflow in WCCP recvfrom() call
(Bug #1217)
- [Security] Properly handle oversized reply headers (Bug #1216)
- [Minor] LDAP helpers search fixed to properly ask for no attributes
- [Minor] A sporadic segmentation fault when using ntlm authentication
fixed (Bug #1127)
- [Major] Segmentation fault on failed PUT/POST requests (Bug #1224)
- [Medium] Persistent connection mismatch on failed PUT/POST request
(Bug #1122)
- [Minor] WCCP easily disturbed by forged packets (Bug #1225)
- [Minor] Password management in ftp:// gatewaying improved (Bug #1226
- [Major] HTTP reply data corruption in certain situations involving
reply headers split over multiple packets (Bug #1233)
To generate a diff of this commit:
cvs rdiff -r1.120.2.7 -r1.120.2.8 pkgsrc/www/squid/Makefile
cvs rdiff -r1.68.2.7 -r1.68.2.8 pkgsrc/www/squid/distinfo
cvs rdiff -r1.5 -r1.5.4.1 pkgsrc/www/squid/patches/patch-al
cvs rdiff -r1.4 -r1.4.4.1 pkgsrc/www/squid/patches/patch-cd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.