ports/110610: [Maintainer] www/squid: update to 2.6.STABLE12

Thomas-Martin Seck tmseck at netcologne.de
Wed Mar 21 10:30:06 UTC 2007


>Number:         110610
>Category:       ports
>Synopsis:       [Maintainer] www/squid: update to 2.6.STABLE12
>Confidential:   no
>Severity:       non-critical
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 21 10:30:05 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Thomas-Martin Seck
>Release:        FreeBSD 6.2-STABLE i386
>Organization:
a private site in Germany
>Environment:
FreeBSD ports collection as of March 21, 2007.

	
>Description:

Update to 2.6.STABLE12.

This update fixes a denial of service vulnerability in the TRACE method.

Proposed VuXML entry, entry date left to be filled in:

  <vuln vid="b5affc11-d793-11db-9f0f-0048543d60ce">
    <topic>squid -- TRACE method handling denial of service</topic>
    <affects>
      <package>
         <name>squid</name>
         <range><ge>2.6.1</ge><lt>2.6.12</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
        <p>Squid advisory 2007:1 notes:</p>
        <blockquote cite="http://www.squid-cache.org/Advisories/SQUID-2007_1.txt">
	<p>Due to an internal error Squid-2.6 is vulnerable to a denial of service attack when processing the TRACE request method.</p>
	<p>Workarounds:</p>
	<p>To work around the problem deny access to using the TRACE method by inserting the following two lines before your first http_access rule</p>
	<p>acl TRACE method TRACE</p>
	<p>http_access deny TRACE</p>
        </blockquote>
      </body>
    </description>
    <references>
      <url>http://www.squid-cache.org/Advisories/SQUID-2007_1.txt</url>
    </references>
    <dates>
      <discovery>2007-03-20</discovery>
    </dates>
  </vuln>
	

	
>How-To-Repeat:
	
>Fix:
Apply this patch:

Index: Makefile
===================================================================
--- Makefile	(.../www/squid)	(revision 1139)
+++ Makefile	(.../local/squid)	(revision 1139)
@@ -75,7 +75,7 @@
 #     Enable experimental multicast notification of cachemisses.
 
 PORTNAME=	squid
-PORTVERSION=	2.6.11
+PORTVERSION=	2.6.12
 CATEGORIES=	www
 MASTER_SITES=	ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
 		ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
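
Review bot: The PORTVERSION bump to 2.6.12 is the boundary the proposed VuXML entry depends on (<lt>2.6.12</lt>), yet nothing in this Makefile change records that the update is a security fix. Suggest that the commit log cite Squid advisory 2007:1 and the VuXML vid, and that the VuXML entry go in together with this change, so the version bump and the vulnerability record stay tied to each other.
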
@@ -87,7 +87,7 @@
 		ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
 		${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
 MASTER_SITE_SUBDIR=	squid-2/STABLE
-DISTNAME=	squid-2.6.STABLE11
+DISTNAME=	squid-2.6.STABLE12
 DIST_SUBDIR=	squid2.6
 
 PATCH_SITES=	http://www.squid-cache.org/%SUBDIR%/ \
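
Review bot: DISTNAME on the changed line repeats the patch level already carried by PORTVERSION, so the two lines have to be edited in step on every update and a missed one would fetch a tarball other than the one the version claims. Consider deriving it, for example DISTNAME= squid-${PORTVERSION:R}.STABLE${PORTVERSION:E}, so that only PORTVERSION changes on the next update.
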
Index: distinfo
===================================================================
--- distinfo	(.../www/squid)	(revision 1139)
+++ distinfo	(.../local/squid)	(revision 1139)
@@ -1,3 +1,3 @@
-MD5 (squid2.6/squid-2.6.STABLE11.tar.bz2) = 30b38de0a0a7ffce4350f3ca638e9b2e
-SHA256 (squid2.6/squid-2.6.STABLE11.tar.bz2) = 98e7d72efff757e7bea4aa33fd3750e152db9cd1e92de07c3252b1a6fa541490
-SIZE (squid2.6/squid-2.6.STABLE11.tar.bz2) = 1263864
+MD5 (squid2.6/squid-2.6.STABLE12.tar.bz2) = a830ccc95cb39cdfa5e5b773add0bb0d
+SHA256 (squid2.6/squid-2.6.STABLE12.tar.bz2) = 7956fb449cc8ce7b3e01b6bc5dd1318810c11c0630ef7fa4989ae15dfabdb858
+SIZE (squid2.6/squid-2.6.STABLE12.tar.bz2) = 1263085
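
Review bot: The new MD5 and SHA256 lines are the only integrity check on the STABLE12 tarball, and the MASTER_SITES shown in the Makefile hunks are plain ftp:// mirrors, so these values should be confirmed against a copy obtained from squid-cache.org rather than from whichever mirror answered the fetch. Suggest noting in the PR how the checksums were verified; the SIZE change from 1263864 to 1263085 is plausible for a point release but is not a check on its own.
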
	


>Release-Note:
>Audit-Trail:
>Unformatted:


