cvs commit: ports/www/squid Makefile distinfo
Edwin Groothuis
edwin at FreeBSD.org
Sat Jan 22 01:31:34 PST 2005
edwin 2005-01-22 09:31:33 UTC
FreeBSD ports repository
Modified files:
www/squid Makefile distinfo
Log:
[Maintainer/security] www/squid: protect against HTTP resonse split
attack and other patches
Integrate vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
- FTP data connection fails on some FTP servers when requesting
a directory without a trailing slash (squid bug #1194)
- Icons fail to load on non-anonymous FTP when using the
short_icons_url configuration directive (squid bug #1203)
- Strengthen squid against HTTP response splitting cache pollution
attacks (squid bug #1200), classified as security issue by
the vendor
Proposed VuXML information, entry date left to be filled in:
(Note: I added only a publically accessible link to the Sanctum,
Inc. whitepaper, the squid bug tracker contains a deep link
to the PDF itself; if we are allowed to publish it, it could
instead be used as reference because Sanctum, Inc. wants you
to register with them before you get access to their whitepapers.)
PR: ports/76550
Submitted by: Thomas-Martin Seck <tmseck at netcologne.de>
Revision Changes Path
1.151 +5 -2 ports/www/squid/Makefile
1.115 +6 -0 ports/www/squid/distinfo
More information about the cvs-all
mailing list