pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2021Q1]: pkgsrc/www/squid4 Pullup ticket #6465 - requested by ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/54804a2e9f08
branches:  pkgsrc-2021Q1
changeset: 453561:54804a2e9f08
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Mon May 31 13:28:45 2021 +0000

description:
Pullup ticket #6465 - requested by taca
www/squid4: security fix

Revisions pulled up:
- www/squid4/Makefile                                           1.18
- www/squid4/distinfo                                           1.11

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Mon May 10 14:22:57 UTC 2021

   Modified Files:
        pkgsrc/www/squid4: Makefile distinfo

   Log Message:
   www/squid4: update to 4.15

   This release fixes these security issues from prior release.

   * SQUID-2020:11 HTTP Request Smuggling
     (CVE-2020-25097)
   * SQUID-2021:1 Denial of Service in URN processing
     (CVE-2021-28651)
   * SQUID-2021:2 Denial of Service in HTTP Response Processing
     (CVE-2021-28662)
   * SQUID-2021:3 Denial of Service issue in Cache Manager
     (CVE-2021-28652)
   * SQUID-2021:4 Multiple issues in HTTP Range header
     (CVE-2021-31806, CVE-2021-31807, CVE-2021-31808)
   * SQUID-2021:5 Denial of Service in HTTP Response Processing
     (CVE pending allocation)

   Changes in squid-4.15 (10 May 2021):

        - Bug 5112: Excessively loud chunked reply parsing error reporting
        - Bug 5106: Broken cache manager URL parsing
        - Bug 5104: Memory leak in RFC 2169 response parsing
        - Bug 3556: "FD ... is not an open socket" for accept() problems
        - Profiling: CPU timing implemented for MAC non-x86
        - Fix HttpHeaderStats definition to include hoErrorDetail
        - Fix Squid-to-client write_timeout triggers client_lifetime timeout
        - Limit HeaderLookupTable_t::lookup() to BadHdr and specific IDs
        - Handle more Range requests
        - Handle more partial responses
        - Stop processing a response if the Store entry is gone
        - ... and some portability fixes
        - ... and some documentation updates

diffstat:

 www/squid4/Makefile |   4 ++--
 www/squid4/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (30 lines):

diff -r 2cc02a07a58a -r 54804a2e9f08 www/squid4/Makefile
--- a/www/squid4/Makefile       Mon May 31 12:56:08 2021 +0000
+++ b/www/squid4/Makefile       Mon May 31 13:28:45 2021 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.15 2021/03/13 15:24:44 taca Exp $
+# $NetBSD: Makefile,v 1.15.2.1 2021/05/31 13:28:45 bsiegert Exp $
 
-DISTNAME=      squid-4.14
+DISTNAME=      squid-4.15
 CATEGORIES=    www
 MASTER_SITES=  http://www.squid-cache.org/Versions/v4/
 MASTER_SITES+= ftp://ftp.squid-cache.org/pub/squid/
diff -r 2cc02a07a58a -r 54804a2e9f08 www/squid4/distinfo
--- a/www/squid4/distinfo       Mon May 31 12:56:08 2021 +0000
+++ b/www/squid4/distinfo       Mon May 31 13:28:45 2021 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.10 2021/03/13 15:24:44 taca Exp $
+$NetBSD: distinfo,v 1.10.2.1 2021/05/31 13:28:45 bsiegert Exp $
 
-SHA1 (squid-4.14.tar.xz) = 71ae13a845a6a7ffc69ce11086ea3e427625bc08
-RMD160 (squid-4.14.tar.xz) = dfc524f6098fa4b5996962d6298cc5c8ab43d60c
-SHA512 (squid-4.14.tar.xz) = 3509caea9e10ea54547eeb769a21f0ca4d37e39a063953821fc51d588b22facfa183d0a48be9ab15831ee646e031079b515c75162515b8a4e7c708df2d41958b
-Size (squid-4.14.tar.xz) = 2452892 bytes
+SHA1 (squid-4.15.tar.xz) = 60bda34ba39657e2d870c8c1d2acece8a69c3075
+RMD160 (squid-4.15.tar.xz) = 8345df992154ab72d566036f5f284188a8352aa6
+SHA512 (squid-4.15.tar.xz) = 8f0ce6e30dd9173927e8133618211ffb865fb5dde4c63c2fb465e2efccda4a6efb33f2c0846870c9b915340aff5f59461a60171882bcc0c890336b846fe60bd1
+Size (squid-4.15.tar.xz) = 2454176 bytes
 SHA1 (patch-compat_compat.h) = 839381a5e1f46e7d9b822bbb53d82a53c996ddc0
 SHA1 (patch-configure) = 0d204989666c36172f0765f2a44766d9194c7bb2
 SHA1 (patch-errors_Makefile.in) = 84cbf5c836f02ed5fbfff140888c6d3aadeac326



Home | Main Index | Thread Index | Old Index