ports/177773: [patch] www/squid: vendor fix for CVE-2012-5643
Kan Sasaki
sasaki at fcc.ad.jp
Thu Apr 11 00:30:01 UTC 2013
>Number: 177773
>Category: ports
>Synopsis: [patch] www/squid: vendor fix for CVE-2012-5643
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 11 00:30:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Kan Sasaki
>Release: FreeBSD 9.1-STABLE amd64
>Organization:
>Environment:
>Description:
Add an additional vendor patch to fix the DoS condition in cachemgr.cgi (SQUID-2012:1, CVE-2012-5643).
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
Index: Makefile
===================================================================
--- Makefile (revision 315774)
+++ Makefile (working copy)
@@ -108,8 +108,8 @@
http://www1.jp.squid-cache.org/%SUBDIR%/ \
http://www2.tw.squid-cache.org/%SUBDIR%/
PATCH_SITE_SUBDIR= Versions/v2/2.7/changesets
-PATCH_DIST_STRIP= -p1
-PATCHFILES= # empty
+#PATCH_DIST_STRIP= -p1
+PATCHFILES= SQUID-2012_1.patch
MAINTAINER= tmseck at FreeBSD.org
COMMENT= HTTP Caching Proxy
Index: distinfo
===================================================================
--- distinfo (revision 315774)
+++ distinfo (working copy)
@@ -1,2 +1,4 @@
SHA256 (squid2.7/squid-2.7.STABLE9.tar.bz2) = c0bdfcb5bb68debc1c9441308178bf148c67979b824c892a4710dc80a5b05d5e
SIZE (squid2.7/squid-2.7.STABLE9.tar.bz2) = 1351366
+SHA256 (squid2.7/SQUID-2012_1.patch) = a456ed7a45fbecd94a4c68c0e72905135c4424c41c01ab858dc8c5760ee03a6f
+SIZE (squid2.7/SQUID-2012_1.patch) = 4804
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list