ports/110610: [Maintainer] www/squid: update to 2.6.STABLE12
Thomas-Martin Seck
tmseck at netcologne.de
Wed Mar 21 10:30:06 UTC 2007
>Number: 110610
>Category: ports
>Synopsis: [Maintainer] www/squid: update to 2.6.STABLE12
>Confidential: no
>Severity: non-critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Wed Mar 21 10:30:05 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Thomas-Martin Seck
>Release: FreeBSD 6.2-STABLE i386
>Organization:
a private site in Germany
>Environment:
FreeBSD ports collection as of March 21, 2007.
>Description:
Update to 2.6.STABLE12.
This update fixes a denial of service vulnerability in the TRACE method.
Proposed VuXML entry, entry date left to be filled in:
<vuln vid="b5affc11-d793-11db-9f0f-0048543d60ce">
<topic>squid -- TRACE method handling denial of service</topic>
<affects>
<package>
<name>squid</name>
<range><ge>2.6.1</ge><lt>2.6.12</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Squid advisory 2007:1 notes:</p>
<blockquote cite="http://www.squid-cache.org/Advisories/SQUID-2007_1.txt">
<p>Due to an internal error Squid-2.6 is vulnerable to a denial of service attack when processing the TRACE request method.</p>
<p>Workarounds:</p>
<p>To work around the problem deny access to using the TRACE method by inserting the following two lines before your first http_access rule</p>
<p>acl TRACE method TRACE</p>
<p>http_access deny TRACE</p>
</blockquote>
</body>
</description>
<references>
<url>http://www.squid-cache.org/Advisories/SQUID-2007_1.txt</url>
</references>
<dates>
<discovery>2007-03-20</discovery>
</dates>
</vuln>
>How-To-Repeat:
>Fix:
Apply this patch:
Index: Makefile
===================================================================
--- Makefile (.../www/squid) (revision 1139)
+++ Makefile (.../local/squid) (revision 1139)
@@ -75,7 +75,7 @@
# Enable experimental multicast notification of cachemisses.
PORTNAME= squid
-PORTVERSION= 2.6.11
+PORTVERSION= 2.6.12
CATEGORIES= www
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
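Review bot: the PORTVERSION change to 2.6.12 is the boundary that the proposed VuXML range (<lt>2.6.12</lt>) relies on, yet the patch contains only Makefile and distinfo. The VuXML entry from the Description should go in with the same commit, with its entry date filled in, so that the advisory and the fixed version land together.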
@@ -87,7 +87,7 @@
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
MASTER_SITE_SUBDIR= squid-2/STABLE
-DISTNAME= squid-2.6.STABLE11
+DISTNAME= squid-2.6.STABLE12
DIST_SUBDIR= squid2.6
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
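Review bot: DISTNAME repeats by hand the release number already set in PORTVERSION in the previous hunk, so the two can drift apart on a later update. Consider deriving it, for example DISTNAME= squid-${PORTVERSION:R}.STABLE${PORTVERSION:E}. The trailing context also shows PATCH_SITES, and no hunk touches a PATCHFILES list, so please confirm that no STABLE11 patch entries remain in the Makefile.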
Index: distinfo
===================================================================
--- distinfo (.../www/squid) (revision 1139)
+++ distinfo (.../local/squid) (revision 1139)
@@ -1,3 +1,3 @@
-MD5 (squid2.6/squid-2.6.STABLE11.tar.bz2) = 30b38de0a0a7ffce4350f3ca638e9b2e
-SHA256 (squid2.6/squid-2.6.STABLE11.tar.bz2) = 98e7d72efff757e7bea4aa33fd3750e152db9cd1e92de07c3252b1a6fa541490
-SIZE (squid2.6/squid-2.6.STABLE11.tar.bz2) = 1263864
+MD5 (squid2.6/squid-2.6.STABLE12.tar.bz2) = a830ccc95cb39cdfa5e5b773add0bb0d
+SHA256 (squid2.6/squid-2.6.STABLE12.tar.bz2) = 7956fb449cc8ce7b3e01b6bc5dd1318810c11c0630ef7fa4989ae15dfabdb858
+SIZE (squid2.6/squid-2.6.STABLE12.tar.bz2) = 1263085
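Review bot: the new MD5, SHA256 and SIZE lines cannot be checked from the diff itself, and the MASTER_SITES visible in the Makefile context are ftp:// mirrors, so these values are the only integrity check on the STABLE12 tarball. Before committing, fetch the distfile from the primary squid-cache.org site, run make makesum, and confirm the output matches the three submitted lines exactly.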
>Release-Note:
>Audit-Trail:
>Unformatted:
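The workaround quoted in the VuXML entry only helps if the deny rule is evaluated before any other http_access rule. As an added example (not part of the PR or the Squid advisory), this Python check reads squid.conf text and reports whether that ordering holds. The function name, status strings and sample configurations are constructed for illustration, and a single configuration file is assumed.

```python
def check_trace_workaround(conf_text):
    """Classify a squid.conf against the advisory's TRACE workaround.

    Returns one of:
      "ok"       - 'http_access deny <trace-acl>' is the first http_access rule
      "late"     - the deny exists but another http_access rule precedes it
      "narrowed" - the deny lists extra ACLs (they are ANDed, so some TRACE passes)
      "missing"  - no http_access rule denies a TRACE method ACL
    """
    trace_acls = set()      # names of 'method' ACLs that match TRACE
    seen_other_rule = False
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tok = line.split()
        if tok[0] == "acl" and len(tok) >= 4 and tok[2] == "method":
            if "TRACE" in tok[3:]:
                trace_acls.add(tok[1])
        elif tok[0] == "http_access" and len(tok) >= 3:
            denies_trace = tok[1] == "deny" and any(t in trace_acls for t in tok[2:])
            if denies_trace:
                if len(tok) > 3:
                    return "narrowed"
                return "late" if seen_other_rule else "ok"
            seen_other_rule = True
    return "missing"


# Constructed sample configurations, not taken from any real deployment.
GOOD = """acl all src 0.0.0.0/0.0.0.0
acl TRACE method TRACE
http_access deny TRACE
http_access allow all
"""
LATE = """acl all src 0.0.0.0/0.0.0.0
acl TRACE method TRACE
http_access allow all
http_access deny TRACE
"""
NARROWED = """acl localnet src 10.0.0.0/8
acl TRACE method TRACE
http_access deny TRACE localnet
"""

if __name__ == "__main__":
    for name, conf in (("GOOD", GOOD), ("LATE", LATE), ("NARROWED", NARROWED)):
        print(name, check_trace_workaround(conf))
```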