From 8b446059f52e4d1d549db6bd571b7ef1c6b358f3 Mon Sep 17 00:00:00 2001 From: "Simon L. B. Nielsen" Date: Wed, 12 Jan 2005 22:37:29 +0000 Subject: - Integrate vendor patches as published on for the following issues: + Prevent a possible denial of service attack via WCCP messages (squid bug #1190), classified as security issue by the vendor + Fix a buffer overflow in the Gopher to HTML conversion routine (squid bug #1189), classified as security issue by the vendor + Fix a null pointer access and plug memory leaks in the fake_auth NTLM helper (squid bug #1183) (this helper app is not installed by default by the port) + Stop closing open filedescriptors beyond stdin, stdout and stderr on startup (squid bug #1177) - Unbreak the port on NO_NIS systems (thanks to "Alexander " for reporting this) - Document the two security issues in VuXML. PR: ports/76173 Submitted by: Thomas-Martin Seck (maintainer) Approved by: erwin (mentor) --- www/squid25/Makefile | 16 ++++++++++++---- www/squid25/distinfo | 8 ++++++++ 2 files changed, 20 insertions(+), 4 deletions(-) (limited to 'www/squid25') diff --git a/www/squid25/Makefile b/www/squid25/Makefile index 6e8f2fb54dcb..a961d9dd5d62 100644 --- a/www/squid25/Makefile +++ b/www/squid25/Makefile @@ -74,7 +74,7 @@ PORTNAME= squid PORTVERSION= 2.5.7 -PORTREVISION= 5 +PORTREVISION= 6 CATEGORIES= www MASTER_SITES= \ ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \ @@ -95,7 +95,11 @@ PATCHFILES= squid-2.5.STABLE7-half_closed_POST.patch \ squid-2.5.STABLE7-dothost.patch \ squid-2.5.STABLE7-httpd_accel_vport.patch \ squid-2.5.STABLE7-cachemgr_vmobjects.patch \ - squid-2.5.STABLE7-empty_acls.patch + squid-2.5.STABLE7-empty_acls.patch \ + squid-2.5.STABLE7-close_other.patch \ + squid-2.5.STABLE7-fakeauth_auth.patch \ + squid-2.5.STABLE7-gopher_html_parsing.patch \ + squid-2.5.STABLE7-wccp_denial_of_service.patch PATCH_DIST_STRIP= -p1 MAINTAINER= tmseck@netcologne.de @@ -169,7 +173,7 @@ error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \ libexec= cachemgr.cgi digest_pw_auth diskd dnsserver ip_user_check \ squid_ldap_auth squid_ldap_group msnt_auth ncsa_auth ntlm_auth \ pam_auth pinger smb_auth smb_auth.sh squid_unix_group \ - unlinkd wb_auth wb_group wb_ntlmauth wbinfo_group.pl yp_auth + unlinkd wb_auth wb_group wb_ntlmauth wbinfo_group.pl CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \ --datadir=${PREFIX}/etc/squid \ @@ -181,7 +185,7 @@ CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \ # Authentication methods and modules: -basic_auth= NCSA PAM YP MSNT SMB winbind +basic_auth= NCSA PAM MSNT SMB winbind external_acl= ip_user unix_group wbinfo_group winbind_group MAN8+= pam_auth.8 squid_unix_group.8 .if defined(WITH_SQUID_LDAP_AUTH) @@ -192,6 +196,10 @@ MAN8+= squid_ldap_auth.8 squid_ldap_group.8 basic_auth+= LDAP external_acl+= ldap_group .endif +.if !defined(NO_NIS) +basic_auth+= YP +libexec+= yp_auth +.endif CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \ --enable-basic-auth-helpers="${basic_auth}" \ --enable-digest-auth-helpers="password" \ diff --git a/www/squid25/distinfo b/www/squid25/distinfo index 98066fde202d..b0ddf91247f9 100644 --- a/www/squid25/distinfo +++ b/www/squid25/distinfo @@ -18,3 +18,11 @@ MD5 (squid2.5/squid-2.5.STABLE7-cachemgr_vmobjects.patch) = fdde57025dbfb8caf915 SIZE (squid2.5/squid-2.5.STABLE7-cachemgr_vmobjects.patch) = 6238 MD5 (squid2.5/squid-2.5.STABLE7-empty_acls.patch) = 77d4365ebd4216ecde5f08301d43a02b SIZE (squid2.5/squid-2.5.STABLE7-empty_acls.patch) = 4432 +MD5 (squid2.5/squid-2.5.STABLE7-close_other.patch) = 70f04f805907bb6544ae5aaccb74f324 +SIZE (squid2.5/squid-2.5.STABLE7-close_other.patch) = 945 +MD5 (squid2.5/squid-2.5.STABLE7-fakeauth_auth.patch) = 1b630af756317f97046adad302faedc4 +SIZE (squid2.5/squid-2.5.STABLE7-fakeauth_auth.patch) = 7967 +MD5 (squid2.5/squid-2.5.STABLE7-gopher_html_parsing.patch) = 1c0ba661b91a17fbd01e5e42430deb86 +SIZE (squid2.5/squid-2.5.STABLE7-gopher_html_parsing.patch) = 714 +MD5 (squid2.5/squid-2.5.STABLE7-wccp_denial_of_service.patch) = 0c77d92efda39797eb7d59c8d2e942d0 +SIZE (squid2.5/squid-2.5.STABLE7-wccp_denial_of_service.patch) = 1928 -- cgit v1.2.3