Path to this page:
Subject: CVS commit: [pkgsrc-2010Q2] pkgsrc/www
From: S.P.Zeidler
Date: 2010-09-09 21:50:19
Message id: 20100909195019.98B3E175DD@cvs.netbsd.org
Log Message:
Pullup ticket 3216 - requested by tron
security update
Revisions pulled up:
- pkgsrc/www/squid/options.mk 1.20
- pkgsrc/www/squid31/Makefile 1.26
- pkgsrc/www/squid31/distinfo 1.24
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Wed Jul 28 10:16:14 UTC 2010
Modified Files:
pkgsrc/www/squid: options.mk
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Changes 3.1.5.1:
* SourceFormat Enforcement
* Replace most USE_IPV6 with run-time support probing
* Translations: sync with 3.HEAD language updates
* Split-Stack enable DNS and http(s)_port sockets.
* Bug: --with-valgrind-debug failures ignored
* Fixed comm.cc:377: "fd_table[fd].halfClosedReader !=3D NULL" assertion
* Kludge: try to detect system acinclude path, to fix libtool brokenness.
* Bug: search scope for digest_ldap_auth didn't work
* Update libtool autoconf macros to libtool2 style
* Correction documentation of QoS disable-preserve-miss
* Remove .so from SASL build checks
* Bug: AIX support: c only c++ style comments test case
* Bug: AIX support: check libm for log()
* Do not stop accepting just because we got COMM_NOMESSAGE.
* Bug: AIX support: uchar is already define (more)
* Bug: AIX support: uchar is already define
* Bug: crash handling NULL write callback
* Correct Joomla DB auth handling
* Fixed memory leak related to retried requests.
* Prevent memory leaks when cloning Range requests.
* Fixed memory leaks related to Range requests.
Changes 3.1.5:
* Bug: Fix context leak in HttpStateData::processReplyHeader
* Bug: raw-IPv6 address URL with append_domain broken
* Bug: does not send indirect X-Client-Ip in ICAP respmod
* Fix free memory corruption and off-by-on error when comparing SNMP OIDs
* Restart DNS retransmission count when restarting the query as an A lookup
* Bug: HTTP responses with no Date, L-M or Expires can now be cached
* Maintenance: Formater skip libltdl dirs
* SourceFormat Enforcement
* Bug: Fails to detect chunked encoding if not given in all lower case
* Port from 2.7: max_filedescriptor config option
* persistent_connection_after_error is meant to be on by default
* kFreeBSD does not have linux headers. Wrap properly.
* Maintenance: Use system MD5 instead of hard-coded python paths
* Bug: ICAP tokens not logged when using multiple access
* SourceFormat Enforcement
* OpenBSD: Fix build mem.cc warning: converting of negative value
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/squid/options.mk
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/squid31/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 4 11:36:08 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Update "squid31" package to version 3.1.6. Changes since 3.1.5.1:
- Bug 2994, 2995: IPv4-only regressions
- Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec()
- Bug 2975: chunked requests not supported after regular ones
- Fix: 32-bit overflow in reported bytes received from next hop
- Fix Libtool build regressions
- Limited split-stack IPv6 support.
- squid_db_auth support MD5 encrypted passwords
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/squid31/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Aug 25 17:53:44 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Update "squid31" package to version 3.1.7. Change since 3.1.6:
- Regression Bug 3021: Large DNS reply causes crash
- Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes
- Regression Bug 2997: visible_hostname directive no longer matches docs
- Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port
- Bug 3006: handle IPV6_V6ONLY definition missing
- Bug 3004: Solaris 9 SunStudio 12 build failure
- Bug 3003: inconsistent concepts in documentation of cache_dir
- Bug 3001: dnsserver link issues
- HTTP/1.1: default keep-alive for 1.1 clients (bug 3016)
- HTTP/1.1: Improved Range header field validation
- HTTP/1.1: Forward multiple unknown Cache-Control directives
- HTTP/1.1: Stop sending Proxy-Connection header
- Fix 32-bit wrap in refresh_pattern min/max values
- ... and several documentation corrections.
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/squid31/distinfo
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Tue Sep 7 19:55:17 UTC 2010
Modified Files:
pkgsrc/www/squid31: Makefile distinfo
Log Message:
Update "squid31" package to version 3.1.8. Changes since 3.1.7:
- Security fixes:
- Fixes for the request processing vulnerability tagged SQUID-2010:3.
http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
- A hardening of the DNS client against packet queueing approaches
used to enable attacks. This completes the protection against attacks
published by Yamaguchi late in 2009.
- An HTTP request-line parser hardened against several categories of
request attack. This greatly increasing the speed of detection and
reducing resources used to detect these categories of attack.
- Fixes for the following bugs:
- Bug 3020: Segmentation fault: nameservers[vc->ns].vc =3D NULL
- Bug 3005,2972: Locate LTDL headers correctly (again)
- Bug 2872: leaking file descriptors
- Bug 2583: pure virtual method called
To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 pkgsrc/www/squid31/Makefile
cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/squid31/distinfo
Files: