CVS commit: [pkgsrc-2008Q1] pkgsrc/www/squid

["Tyler R. Retzlaff" <rtr%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   rtr
Date:           Sun Jun 29 11:39:39 UTC 2008

Modified Files:
        pkgsrc/www/squid [pkgsrc-2008Q1]: Makefile distinfo

Log Message:
pullup ticket 2438 requested by taca
squid: fixes security problems

pkgsrc/www/squid/Makefile       1.206,1.207
pkgsrc/www/squid/distinfo       1.138,1.139

   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sat Jun 21 10:33:55 UTC 2008

   Modified Files:
        pkgsrc/www/squid: Makefile distinfo

   Log Message:
   Update squid package to 2.6.20 (2.6.STABLE20).
   It would be last 2.6 stable release.

   Changes to squid-2.6.STABLE20 (25 Apr 2008)

        - Bug #2263: Custom log formats fail to log file sizes >2GB properly
          on 32-bit platforms
        - Fix stripping NT domain in squid_ldap_group
        - Bug #2278: Cache-Control: max-stale=0 forwarded wrongly as max-stale
        (without delta)
        - Bug #2283: Fails to parse chunked encoding using chunk extensions
        - Bug #420: Deal properly with empty list HTTP header members
        - Windows Server 2008 support
        - Bug #1886: tcp_outgoing_address acl doesn't work with indirect
          source address (follow-x-forwarded-for)
        - Bug #2296: Stuck in 100% CPU when fetching an corrupt peer digest
        - Add support for the resolv.conf domain directive, and also
          automatically derived default domain
        - minimum_icp_query_timeout directive
        - Bug #2329: Range header ignored on HIT

   ------------------------------------------------------------------------

   Module Name: pkgsrc
   Committed By:        taca
   Date:                Sun Jun 29 01:02:09 UTC 2008

   Modified Files:
        pkgsrc/www/squid: Makefile distinfo

   Log Message:
   Update www/squid package to 2.6.21 (2.6.STABLE21) which contains
   two security fixes:

        - Bug #1993: Memory leak in http_reply_access deny processing
        - Bug #2122: In some situations collapsed_forwarding could leak
          private information

   Changes to squid-2.6.STABLE21 (27 June 2008)

        - Bug #2350: Bugs in Linux kernel capabilities code
        - Bug #2241: weights not applied properly in round-robin peer
          selection
        - Off by one error in DNS label decompression could cause valid DNS
          messages to be rejected
        - logformat docs contain extra whitespace
        - Reject ridiculously large ASN.1 lengths
        - Fix SNMP reporting of counters with a value > 0xFF80000
        - Correct spelling of WCCPv2 dst_port_hash to match the source
        - Plug some "squid -k reconfigure" memory leaks. Mostly SSL related.
        - Bug #1993: Memory leak in http_reply_access deny processing
        - Bug #2122: In some situations collapsed_forwarding could leak
          private information
        - Bug #2376: Round-Robin becomes unbalanced when a peer dies and comes
          back
        - Bug #2387: The calculation of the number of hash buckets need to
          account for the memory size, not only disk size
        - Bug #2393: DNS requests retried indefinitely at full speed on failed
          TCP connection
        - Bug #2393: DNS retransmit queue could get hold up
        - Correct socket syscalls statistics in commResetFD()


To generate a diff of this commit:
cvs rdiff -r1.205 -r1.205.2.1 pkgsrc/www/squid/Makefile
cvs rdiff -r1.137 -r1.137.2.1 pkgsrc/www/squid/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.