Next | Query returned 45 messages, browsing 21 to 30 | Previous

CVS Commit History:


   2021-09-29 21:01:31 by Adam Ciarcinski | Files touched by this commit (872)
Log message:
revbump for boost-libs

   2021-07-23 00:47:58 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/squid4: update to 4.16

Changes in squid-4.16 (04 Jul 2021):

	- Regression Fix: --with-valgrind-debug build broken since 4.15
	- Bug 5129 pt1: remove Lock use from HttpRequestMethod
	- Bug 5128: Translation: Fix '% i' typo in es/ERR_FORWARDING_DENIED
	- Bug 4528: ICAP transactions quit on async DNS lookups

   2021-05-24 21:56:06 by Thomas Klausner | Files touched by this commit (3575)
Log message:
*: recursive bump for perl 5.34

   2021-05-10 16:22:57 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/squid4: update to 4.15

This release fixes these security issues from the prior release.

* SQUID-2020:11 HTTP Request Smuggling
  (CVE-2020-25097)
* SQUID-2021:1 Denial of Service in URN processing
  (CVE-2021-28651)
* SQUID-2021:2 Denial of Service in HTTP Response Processing
  (CVE-2021-28662)
* SQUID-2021:3 Denial of Service issue in Cache Manager
  (CVE-2021-28652)
* SQUID-2021:4 Multiple issues in HTTP Range header
  (CVE-2021-31806, CVE-2021-31807, CVE-2021-31808)
* SQUID-2021:5 Denial of Service in HTTP Response Processing
  (CVE pending allocation)

Changes in squid-4.15 (10 May 2021):

	- Bug 5112: Excessively loud chunked reply parsing error reporting
	- Bug 5106: Broken cache manager URL parsing
	- Bug 5104: Memory leak in RFC 2169 response parsing
	- Bug 3556: "FD ... is not an open socket" for accept() problems
	- Profiling: CPU timing implemented for MAC non-x86
	- Fix HttpHeaderStats definition to include hoErrorDetail
	- Fix Squid-to-client write_timeout triggers client_lifetime timeout
	- Limit HeaderLookupTable_t::lookup() to BadHdr and specific IDs
	- Handle more Range requests
	- Handle more partial responses
	- Stop processing a response if the Store entry is gone
	- ... and some portability fixes
	- ... and some documentation updates

   2021-04-25 08:13:05 by Thomas Klausner | Files touched by this commit (1)
Log message:
squid4: remove dead download link

   2021-04-21 15:25:34 by Adam Ciarcinski | Files touched by this commit (864)
Log message:
revbump for boost-libs

   2021-03-13 16:24:44 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
www/squid4: update to 4.14

Changes in squid-4.14 (02 Feb 2021):

- Regression Fix: support for non-lowercase Transfer-Encoding value
- Regression Fix: cachemgr.cgi wrong 403 response to authenticated menu URIs
- Bug 5076: WCCP Security Info incorrect
- Bug 5073: Compile error: index was not declared in this scope
- Bug 5065: url_rewrite_program documentation update
- Bug 3074 pt2: improved handling of URI paths implicit '/'
- Fix transactions exceeding client_lifetime logged as _ABORTED

   2021-01-25 12:34:51 by Nia Alarie | Files touched by this commit (1)
Log message:
squid4: needs atomic64

   2020-08-31 20:13:29 by Thomas Klausner | Files touched by this commit (3631)
Log message:
*: bump PKGREVISION for perl-5.32.

   2020-08-23 11:51:35 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
www/squid4: update to 4.13

Update squid4 to 4.13 (Squid 4.13).

Here is the release announcement:

The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-4.13 release!

This release is a security release resolving several issues found in
the prior Squid releases.

The major changes to be aware of:

 * SQUID-2020:8 HTTP(S) Request Splitting
   (CVE-2020-15811)

This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the browser
cache and any downstream caches with content from an arbitrary
source.

See the advisory for patches:
 <https://github.com/squid-cache/squid/security/advisories/GHSA-c7p8-xqhm-49wv>

 * SQUID-2020:9 Denial of Service processing Cache Digest Response
   (CVE pending allocation)

This problem allows a trusted peer to perform Denial
of Service by consuming all available CPU cycles on the machine
running Squid when handling a crafted Cache Digest response
message.

This attack is limited to Squid using cache_peer with the cache
digests feature.

See the advisory for patches:
 <https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg>

 * SQUID-2020:10 HTTP(S) Request Smuggling
   (CVE-2020-15810)

This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the proxy
cache and any downstream caches with content from an arbitrary
source.

See the advisory for patches:
 <https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m>

 * Bug 5051: Some collapsed revalidation responses never expire

This bug appears as a 4xx or 5xx status response becoming the only
response delivered by Squid to a URL when the Collapsed Forwarding
feature is used.

It primarily affects Squid proxies which are caching the 4xx/5xx status
object since the Bug 5030 fix in Squid-4.11, but may have been
occurring for short times on any proxy with Collapsed Forwarding.

 * SSL-Bump: Support parsing GREASEd (and future) TLS handshakes

Chrome Browser intentionally sends random garbage values in the
TLS handshake to force TLS implementations to cope with future TLS
extensions cleanly. The changes in Squid-4.12 to disable TLS/1.3
caused our parser to be extra strict and reject this TLS garbage.

This release adds explicit support for Chrome, or any other TLS
agent performing these "GREASE" behaviours.

 * Honor on_unsupported_protocol for intercepted https_port

This behaviour was one of the intended use-cases for unsupported
protocol handling, but somehow was not enabled earlier.

Squid should now be able to perform the on_unsupported_protocol
selected action for any traffic handled by SSL-Bump.

  All users of Squid are urged to upgrade as soon as possible.

See the ChangeLog for the full list of changes in this and earlier
releases.

Please refer to the release notes at
http://www.squid-cache.org/Versions/v4/RELEASENOTES.html
when you are ready to make the switch to Squid-4.
