aboutsummaryrefslogtreecommitdiff
path: root/www/squid
Commit message (Collapse)AuthorAgeFilesLines
* - integrate a vendor patch fromIon-Mihai Tetcu2006-07-113-5/+17
| | | | | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/> to correct a problem with logging that could occur in certain cases (Squid bug #1605) - add some of the WWW mirrors found on <http://www.squid-cache.org/Mirrors/http-mirrors.html> as additional PATCH_SITES (thanks to Robert Backhaus for the initial submission) - make the rc.d script print "Stopping squid." in the hand rolled stop command when shutting down, just like default rc.subr stop routine would do PR: ports/100056 Submitted by: maintainer Notes: svn path=/head/; revision=167448
* - Update the list of MASTER_SITES.Jean Milanez Melo2006-06-052-6/+11
| | | | | | | | | | | - Update the icap-core patchset to CVS as of 2006-05-25. PR: ports/98279 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Approved by: mnag (mentor) Notes: svn path=/head/; revision=164534
* - Integrate a vendor patch published onSergey Matveychuk2006-06-043-19/+5
| | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/> to fix an "assertion failed: HttpReply.c:105: rep" error (squid bug #1606). - Update the customlog patchset accordingly. - Bump PORTREVISION. PR: ports/97066 Submitted by: maintainer Notes: svn path=/head/; revision=164356
* - Update to 2.5.STABLE14Renato Botelho2006-05-225-125/+198
| | | | | | | | | | | | | - accept 7-CURRENT's WITHOUT_NIS switch as a synonym for NO_NIS - add a missing "/" in files/pkg-message.in - update the ICAP core patchset to the latest CVS (2006-05-21) - update the custom logfile patchset to the latest CVS (2006-05-21) PR: ports/97607 Submitted by: maintainer Notes: svn path=/head/; revision=163105
* - Introduce four vendor patches [1] which:Emanuel Haupt2006-05-162-1/+17
| | | | | | | | | | | | | | | | | | - simplify definition of the SQUIDHOSTNAMELEN constant (squid bug #1434) - correct display of mime icons when visible_hostname contains only the plain hostname without a domain (squid bug #1532) - plug a memory leak in the HTCP client code (squid bug #1553) - plug a memory leak in the ident processing code (squid bug #1557) - Bump PORTREVISION [1] http://www.squid-cache.org/Versions/v2/2.5/bugs/ PR: 97356 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=162610
* - Fix WITH_SQUID_CUSTOM_LOG patch to work with 2.5.13Pav Lucistnik2006-03-191-30/+13
| | | | | | | | PR: ports/94665 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=157633
* - Update to 2.5.STABLE13Pav Lucistnik2006-03-187-153/+273
| | | | | | | | | | | | - Implement a new option WITH_SQUID_SASL_AUTH, off by default - Update the ICAP core patchset to the latest CVS - Extensive portlintification and cleanups PR: ports/94642 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=157570
* Implemented custom log format patch, providing similar functionalitySergey Matveychuk2006-02-042-0/+1544
| | | | | | | | | | | | | | to that of Apache LogFormat and CustomLog configuration directives. This also allows for output in multiple formats to different log files. See http://devel.squid-cache.org/customlog/ for more information. PR: ports/92522 Submitted by: Matthew Will <mwill@spingen.com> Approved by: maintainer Notes: svn path=/head/; revision=155189
* Integrate two vendor patches being published onSergey Matveychuk2006-01-153-39/+10
| | | | | | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: - Fix wbinfo_group.pl to correctly work with the wbinfo command from samba-3.0.21 (squid bug #1472) - Fix a crash when accessing async IO function counters via the cachemgr CGI in cases where squid was compiled for aufs support but not actually using it (squid bug #1464) While at it, remove an unneeded patch from the ICAP core patchset. PR: ports/91831 Submitted by: maintainer Notes: svn path=/head/; revision=153570
* Rename the rc script back to squid.sh, since some versions ofJean-Yves Lefort2006-01-092-7/+5
| | | | | | | | | | /etc/rc.d/localpkg only run scripts ending in .sh PR: ports/91387 Submitted by: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>, maintainer Notes: svn path=/head/; revision=153133
* [Maintainer] www/squid: rc(8) related fixupsEdwin Groothuis2005-12-253-10/+11
| | | | | | | | | | | | | | | - Fix rc(8) preamble in the squid run script - Use the .sh suffix only for the old style script - Do not refer to "rcNG" in pkg-install anymore, rcNG is the default rc style by now - Bump PORTREVISION (to mark this change and because the package content changes) PR: ports/90858 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> Notes: svn path=/head/; revision=152035
* - Integrate vendor patch to fix a problem with the SMB helper whenRenato Botelho2005-12-204-0/+7497
| | | | | | | | | | | | | | | | | | --enable-ntlm-fail-open was specified as an additional configuration option (squid bug #1022). The port does not enable this option by default; document it, while at it. - Add SHA256 checksum for the squid tarball - Integrate ICAP client support based upon the icap project's CVS repository, turned off by default. To activate it, build the port with WITH_SQUID_ICAP defined or rerun 'make config'. - Bump PORTREVISION PR: ports/90688 Submitted by: maintainer Notes: svn path=/head/; revision=151658
* Update to 2.5.STABLE12Kirill Ponomarev2005-11-015-53/+22
| | | | | | | | PR: ports/88327 Submitted by: maintainer Notes: svn path=/head/; revision=146913
* Integrate the following vendor patches as published onRenato Botelho2005-10-192-2/+32
| | | | | | | | | | | | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: - document that tcp_outgoing_xxx works badly in combination with server_persistent_connections (squid bug #454) - add more tracing in test mode of squid_ldap_auth (squid bug #1395) - fix breakage of accel_single_host when combined with server_persistent_connection (squid bug #1402) - correctly implement the CACHE_HTTP_PORT configuration directive (squid bug #1403) - fix the problem that CNAME addresses were remembered with a wrong TTL (squid bug #1404) - fix incorrect handling of squid-internal-dynamic/netdb in conjunction with httpd_accel/transparent proxies (squid bug #1410) - properly revalidate the cache on HEAD requests (squid bug #1411) - correct handling of Set-Cookie headers on cache refreshes (squid bug #1419) - fix a vulnerability in the FTP parsing code (squid bug #1426) PR: ports/87637 Submitted by: maintainer Notes: svn path=/head/; revision=145859
* Fix smb_auth helperMarcus Alves Grando2005-10-063-2/+16
| | | | | | | | | PR: 86850 Pointed by: Dean M. Phillips <dmphilli@gmail.com> Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=144423
* Integrate a patch fromRenato Botelho2005-09-282-1/+4
| | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: - fix delay pools behaviour which was broken by the patch for squid bug #500, introduced in squid-2.5.10_6 (squid bug #1405) PR: ports/86669 Submitted by: maintainer Notes: svn path=/head/; revision=143685
* - Update to 2.5-STABLE11Renato Botelho2005-09-224-114/+22
| | | | | | | | | | - Adapt the follow-XFF patches to the changes to squid's sources PR: ports/86472 Submitted by: maintainer Notes: svn path=/head/; revision=143377
* Update the NTLM-scheme patch to version 2. The first version of the patch isPav Lucistnik2005-09-162-4/+4
| | | | | | | | | | broken (cf <http://www.squid-cache.org/bugs/show_bug.cgi?id=1391>). PR: ports/86215 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=142944
* - Integrate the following vendor patches:Pav Lucistnik2005-09-153-31/+23
| | | | | | | | | | | | | | | | | | | | | | | | | - LDAP helpers do not work with TLS (-Z option) (squid bug #1389) - Incorrect store dir selection debug message on objects >2G (squid bug #1343) - Enums cannot be assumed to be signed ints (squid bug #1343) - Allow leaving core dumps on Linux (squid bug #1335) - Do not let clients bypass delay pools by faking a cache hit (squid bug #500) - Fix problems regarding CONNECT requests when squid is configured with "pipeline_prefetch on" - Fix a possible DOS condition which may be triggered by certain NTLM authentication requests (squid bug #1391) - Remove patching relevant to recently removed pf from ports option PR: ports/86179 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=142840
* - Remove dependencies on security/pf, it was removed. pf is in base sincePav Lucistnik2005-09-141-4/+1
| | | | | | | | | 502106 Pointy hat to: pav Notes: svn path=/head/; revision=142767
* - Fix somewhat messed up titles in FTP listings (squid bug #1220)Sergey Matveychuk2005-09-042-3/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - FTP listings use "BASE HREF" much more than necessary (squid bug #1204) - Cleanups for 64bit architectures (squid bug #1316) - Allow wb_ntlm_auth to run more silent (squid bug #518) - Add a new 'mail_program' configuration option - Fix a possible denial of service condition regarding sslConnectTimeout (squid bug #1355, Secunia Advisory SA16674) - Avoid a possible assertion failure in StatHist.c (squid bug #1325) - Fix issues regarding chroot'ed installations on 'squid -k reconfigure' (squid bug #1331) - Make URLs in error pages more consistent and less confusing (squid bug #1342) - Fix compilation when _FORTIFY_SOURCE is defined (squid bug #1344) - Fix handling of unexpected 250 replies from certain odd FTP servers (squid bug #1348) - Add Greek error pages (squid bug #1351) - Fix a possible denial of service condition with regards to aborted requests (squid bug #1368) - Fix the -U option of squid_ldap_auth (squid bug #1370) - Fix the output of the SNMP cacheClientTable for IP adresses that consist of 16 digits (squid bug #1375) - Make the From: field of mails sent from squid configurable to avoid mails getting lost due to spam filtering (squid bug #1380) PR: ports/85688 Submitted by: maintainer Notes: svn path=/head/; revision=141882
* - Update transparent patch.Florent Thoumie2005-06-302-4/+4
| | | | | | | | PR: ports/82838 Submitted by: maintainer Notes: svn path=/head/; revision=138263
* Update the chroot vendor patch to version 2, cfJean-Yves Lefort2005-06-292-4/+4
| | | | | | | | | | http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-chroot PR: ports/82739 Submitted by: maintainer Notes: svn path=/head/; revision=138207
* - Integrate the following vendor patches as published onMichael Johnson2005-06-283-16/+38
| | | | | | | | | | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: + double content-length often harmless (squid bug #1305) + update spanish error pages + squid internal icons were served with slightly incorrect headers (squid bug #1275) + squid -k fails in combination with chroot (squid bug #1307) + core dump with --enable-ipf-transparent if access to NAT device is denied (squid bug #1313) + http_accel_single_host incompatible with redirection (squid bug #1314) + squid -k reconfigure caused data corruption when a cache_dir type had been changed (squid bug #1308) + SNMP getnext failed if the given OID was outside the squid MIB (squid bug #1317) PR: ports/82703 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=138090
* - Read cachemgr.conf rather than cachemgr.conf.defaultJean-Yves Lefort2005-05-222-12/+6
| | | | | | | | | | - Add a missing %SUBDIR% in MASTER_SITES PR: ports/81319 Submitted by: maintainer Notes: svn path=/head/; revision=135854
* - Update Squid to 2.5.STABLE10Pav Lucistnik2005-05-195-85/+28
| | | | | | | | PR: ports/81213 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=135614
* - update distinfo for the updated syslog patchVolker Stolz2005-04-272-31/+2
| | | | | | | | | | | - remove local patch that is now incorporated into the corresponding vendor patch (with slightly different wording) PR: ports/80367 Submitted by: maintainer Notes: svn path=/head/; revision=134234
* - Update distinfo for the 2GB patch, this includes a fix forYen-Ming Lee2005-04-211-1/+1
| | | | | | | | | | | | | squid bugs #1283, 1287 and 1288 (assertion failed in store_client.c:343). (already committed) - Bump portrevision as a datapoint for this bugfix. PR: 80163 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=133825
* - according web page, the patch file is rerolled at 2005-04-20 14:59 againYen-Ming Lee2005-04-201-2/+2
| | | | | | | | | http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-2GB Noticed by: kris Notes: svn path=/head/; revision=133810
* - the patch is repacked at 2005-04-18 00:57, after maintainer submit PR 80028Yen-Ming Lee2005-04-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - diff is listed below: --- /tmp/squid-2.5.STABLE9-2GB.patch Mon Apr 4 17:09:16 2005 +++ /usr/ports/distfiles/squid2.5/squid-2.5.STABLE9-2GB.patch Mon Apr 18 08:57:57 2005 @@ -3000,7 +3000,7 @@ } /* there are some things we cannot do yet */ Index: squid/src/protos.h -diff -c squid/src/protos.h:1.420.2.28 squid/src/protos.h:1.420.2.32 +diff -c squid/src/protos.h:1.420.2.28 squid/src/protos.h:1.420.2.30 *** squid/src/protos.h:1.420.2.28 Fri Mar 18 17:01:52 2005 --- squid/src/protos.h Sat Mar 26 10:36:01 2005 *************** @@ -3455,9 +3455,9 @@ + #endif /* SQUID_H */ Index: squid/src/ssl.c -diff -c squid/src/ssl.c:1.118.2.9 squid/src/ssl.c:1.118.2.10 +diff -c squid/src/ssl.c:1.118.2.9 squid/src/ssl.c:1.118.2.11 *** squid/src/ssl.c:1.118.2.9 Mon Mar 21 12:39:29 2005 ---- squid/src/ssl.c Fri Mar 25 19:50:53 2005 +--- squid/src/ssl.c Sun Apr 17 18:54:30 2005 *************** *** 46,52 **** int len; @@ -3482,7 +3482,7 @@ kb_incr(&statCounter.server.all.kbytes_out, len); kb_incr(&statCounter.server.other.kbytes_out, len); + /* increment total object size */ -+ if (sslState->size_ptr) ++ if (sslState->size_ptr && sslState->client.fd != -1) + #if SIZEOF_SQUID_OFF_T <= 4 + if (*sslState->size_ptr < 0x7FFF0000) + #endif Noticed by: many people ... Notes: svn path=/head/; revision=133560
* Integrate the following vendor patches as published onYen-Ming Lee2005-04-183-2/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: - Correct several minor aufs issues (squid bug #671) - Basic authentification fails when login+password totalled to more than 64 characters (squid bug #1171) - Fix an assertion that could occur when traffic other than HTTPS was tunneled through squid via the CONNECT method (squid bug #1269) - Make the --disable-hostname-check configuration option actually work (squid bug #1270) - Fix aufs warning about open filedescriptors when the cache was shut down (squid bug #671) - Allow squid to process requests for files larger than 2GB in size (squid bug #437) Introduce a new OPTION "WITH_SQUID_LARGEFILE", default to off to match squid's default behaviour. Rebuild squid with -DWITH_SQUID_LARGEFILE or run 'make config' and select this new option. - Add two new cachemgr actions: "pending_objects" and "client_objects" - Make external acls that require authentication request new credentials after access had been denied (squid bug #1278) - Make squid use "daemon" instead of "local4" as syslog facility (squid bug #1227) PR: 80028 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=133551
* - Chase checksum of the updated pid_t patchMichael Johnson2005-03-152-3/+3
| | | | | | | | PR: ports/78897 Submitted by: maintainer Notes: svn path=/head/; revision=131353
* - Integrate the following vendor patches as published onMichael Johnson2005-03-132-11/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: + Handle odd data formats (squid bug #321) + reload_into_ims fails to revalidate negatively cached entries (squid bug #1159) + Clarify delay_access function (squid bug #1245) + Check several squid.conf directives for int overflows (squid bug #1247) + Use memset(3) instead of bzero(3) (squid bug #1256) + Fix compile warnings due to pid_t not being an int (squid bug #1257) + Fix incorrect use of ctype functions (squid bug #1259) + Defer digest fetch if the peer is not allowed to be used (squid bug #1262) + Extend relaxed_header_parser to work around "excess data from" errors from many major web servers (squid bug #1265) - Enable IPFilter based transparent proxying on all FreeBSD versions where IPFilter headers are part of the base system (i.e. RELENG_4 < 4.7-RELEASE, RELENG_5 and 6-CURRENT). Create a new OPTION WITH_SQUID_IPFILTER for this purpose. Thanks to sem@ for keeping track of this issue! PR: ports/78780 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=131118
* Integrate the following vendor patches as published onPav Lucistnik2005-03-082-1/+13
| | | | | | | | | | | | | | | - correct a race condition related to the Set-Cookie header - correct the FTP parser with regards to the EPLF format (squid bug #1252) - correct FTP listing output when the URL was requested without a trailing slash (squid bug #1253) - make ACL configuration errors fatal (squid bug #1255) PR: ports/78446 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=130669
* - Update to 2.5.STABLE9Pav Lucistnik2005-02-262-20/+5
| | | | | | | | PR: ports/78079 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=129836
* * Vendor patches:Pav Lucistnik2005-02-202-1/+14
| | | | | | | | | | | | | | | - fix some cross-platform build format warnings - allow high characters in generated FTP and Gopher directory listings (squid bug #1220) - cleanup generation of FTP URLs - relax the newly introduced strict HTTP parser slightly to work around some more malformed HTTP responses (squid bug #1242) PR: ports/77779 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=129383
* - Update to 2.5-STABLE8Sergey Matveychuk2005-02-133-224/+7
| | | | | | | | | | | | - Integrate a vendor patch from: http://www.squid-cache.org/Versions/v2/2.5/bugs/ it fixes a major problem regarding the handling of invalid DNS responses PR: ports/77423 Submitted by: maintainer Notes: svn path=/head/; revision=128708
* - Update header_parsing.patchPav Lucistnik2005-02-103-36/+3
| | | | | | | | PR: ports/77360 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Notes: svn path=/head/; revision=128492
* Integrate the following vendor patch as published onJacques Vidrine2005-02-082-2/+20
| | | | | | | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: - Address HTTP protocol mismatch related to oversized reply headers and enhance cache.log on reply header parsing failures (squid bug #1216) - correct the search request generated by the LDAP authentication helper - fix a race within the NTLM authentication mechanism (squid bug #1127) - fix handling of failed PUT/POST requests (squid bug #1224) - fix problems with persistent server connections after failed PUT/POST requests (squid bug #1122) - improve handling of forged WCCP packets (squid bug #1225) PR: ports/76967 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Security: http://vuxml.freebsd.org/bfda39de-7467-11d9-9e1e-c296ac722cb3.html Notes: svn path=/head/; revision=128280
* - Fix fetching.Sergey Matveychuk2005-02-012-3/+3
| | | | | | | | | | | * The response_splitting patch has been updated to correct a problem with cache digests. PR: ports/76889 Submitted by: maintainer Notes: svn path=/head/; revision=127853
* - Integrate a vendor patch against a buffer overflow in the WCCP handling,Sergey Matveychuk2005-01-292-2/+5
| | | | | | | | | | | see <http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflow> and <http://www.squid-cache.org/Advisories/SQUID-2005_3.txt>. PR: ports/76827 Submitted by: maintainer Notes: svn path=/head/; revision=127666
* Sync follow-XFF with the latest vendor patch.Kirill Ponomarev2005-01-291-5/+5
| | | | | | | | PR: ports/76801 Submitted by: maintainer Notes: svn path=/head/; revision=127593
* - Integrate vendor patches as published onSergey Matveychuk2005-01-264-42/+213
| | | | | | | | | | | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: + Reject malformed HTTP requests and responses that conflict with the HTTP specifications This issue is qualified as a security issue by the vendor. + PURGE is allowed to delete internal objects (squid bug #1112) + Disable Path-MTU discovery on intercepted requests (squid bug #1154) (VuXML vid=b4d94fa0-6e38-11d9-9e1e-c296ac722cb3) - Clean up and correct package list generation. Now installed files and directories are visible via PLIST_FILES and PLIST_DIRS. - Don't claim that squid related files or directories are still present after deinstallation when in fact they are not. - Add "-g" to CFLAGS when WITH_SQUID_STACKTRACES is defined to make this option actually useful. PR: ports/76628 Submitted by: maintainer Notes: svn path=/head/; revision=127448
* [Maintainer/security] www/squid: protect against HTTP resonse splitEdwin Groothuis2005-01-222-2/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | attack and other patches Integrate vendor patches as published on <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: - FTP data connection fails on some FTP servers when requesting a directory without a trailing slash (squid bug #1194) - Icons fail to load on non-anonymous FTP when using the short_icons_url configuration directive (squid bug #1203) - Strengthen squid against HTTP response splitting cache pollution attacks (squid bug #1200), classified as security issue by the vendor Proposed VuXML information, entry date left to be filled in: (Note: I added only a publically accessible link to the Sanctum, Inc. whitepaper, the squid bug tracker contains a deep link to the PDF itself; if we are allowed to publish it, it could instead be used as reference because Sanctum, Inc. wants you to register with them before you get access to their whitepapers.) PR: ports/76550 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> Notes: svn path=/head/; revision=127082
* [Maintainer/Security] www/squid: integrate vendor patchesEdwin Groothuis2005-01-192-2/+11
| | | | | | | | | | | | | | | | | Integrate vendor patches as published on <http://www.squid-cache.org/Versions/v2/2.5/bugs/>: - Sanity check usernames in squid_ldap_auth (squid bug #1187), classified as minor security issue by the vendor, see below for VuXML information - FQDN names truncated on compressed DNS responses (squid bug #1136) - Internal DNS memory leak on malformed responses (squid bug #1197) PR: ports/76364 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> Notes: svn path=/head/; revision=126816
* - Integrate vendor patches as published onSimon L. B. Nielsen2005-01-122-4/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for the following issues: + Prevent a possible denial of service attack via WCCP messages (squid bug #1190), classified as security issue by the vendor + Fix a buffer overflow in the Gopher to HTML conversion routine (squid bug #1189), classified as security issue by the vendor + Fix a null pointer access and plug memory leaks in the fake_auth NTLM helper (squid bug #1183) (this helper app is not installed by default by the port) + Stop closing open filedescriptors beyond stdin, stdout and stderr on startup (squid bug #1177) - Unbreak the port on NO_NIS systems (thanks to "Alexander <freebsd AT nagilum.de>" for reporting this) - Document the two security issues in VuXML. PR: ports/76173 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Approved by: erwin (mentor) Notes: svn path=/head/; revision=126271
* Patch was rerolled because of some bug fixes.Kirill Ponomarev2004-12-291-2/+2
| | | | | | | Approved by: maintainer Notes: svn path=/head/; revision=125425
* Handle empty ACL definitions properly.Kirill Ponomarev2004-12-232-2/+5
| | | | | | | | PR: ports/75403 Submitted by: maintainer Notes: svn path=/head/; revision=124978
* Integrate the following vendor patches as published onSergey Matveychuk2004-12-082-2/+11
| | | | | | | | | | | | | | | | | | http://www.squid-cache.org/Versions/v2/2.5/bugs/: - a malformed hostname can cause squid to return random data as error messages, possibly leaking internal information from former requests (squid bug #1143). (This is classified as a minor security issue by the squid developers, so maintainer cc'ed security-team@. See VuXML entry.) - the "httpd_accel_port 0" directive does not work on its own (squid bug #1121) - fix crashes occuring when using cachemgr's "vm_objects" operation (squid bug #1149) PR: ports/74859 Submitted by: maintainer Notes: svn path=/head/; revision=123503
* - fix shutting down of helper applications on reconfigure orKirill Ponomarev2004-11-142-2/+8
| | | | | | | | | | | | logrotation (squid bug #1118) - properly close the client TCP connection when a malformed blank HTTP response was received from the server (squid bug #1116) PR: ports/73913 Submitted by: maintainer Notes: svn path=/head/; revision=121556
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-07 19:38:36 +0000