pkgsrc.se | The NetBSD package collection

Subject: CVS commit: pkgsrc/www/squid
From: Takahiro Kambe
Date: 2004-02-12 15:45:00
Message id: 20040212144500.7744B2DA1D@cvs.netbsd.org

Log Message:
Update squid package to 2.5.4nb8; apply five official patches.

o Empty proxy_auth ACLs are silently accepted but lead to unpredictable ACL matching

synopsis	If a proxy_auth acl is incorrectly defined with no members
		then any http_access rules using this acl will give
		unpredictable results depending on the results of earlier
		acl lookups.  This patch corrects both the reason to why
		acl lookups became unpredictable and makes Squid reject
		such incorrect acl definitions.
severity	Medium
date		2004-01-15 07:44
bugzilla	#893
versions	Squid-2.5 and earlier
platforms	All
workaround	Make sure your proxy_auth acls are correctly defined.  If
		the acl should not match any users then don't declare the
		acl at all.

o Squid doesn't follow telnet protocol on FTP control connections

synopsis	Squid forgot to escape IAC characters (ascii code 255) in
		FTP requests, causing problems to access files/directories
		using this character in their name or to log in with this
		character in the login or password.
severity	Minor
date		2004-02-03 14:38
bugzilla	#877
versions	Squid-2.5 and earlier
platforms	All
workaround	Double any such characters in the input to Squid.  (%ff%ff
		instead of %ff)

o Random auth popups and account lockouts when using NTLM

synopsis	When using NTLM authentication random auth popups and
		account lockouts may be experienced.
severity	Medium
date		2004-02-11 22:12
bugzilla	#908
versions	Squid-2.5
platforms	All
workaround	It may help to configure a lot of NTLM helpers but this is
		not verified.

o squid_ldap_group -S option did not work

synopsis	The -S and -E options in squid_ldap_group v2.12 was mixed
		up, making the options somewhat hard to use.
severity	Minor
date		2004-02-09 17:10
bugzilla	#911
versions	Squid-2.5.STABLE4 + ldap_group 2.12 patch
platforms	All
workaround	Specify -E instead of -S.

o Squid stuck at 100% CPU loop in ipcache_purgelru, or segfault in the same

synopsis	The squid-2.5.STABLE4-connect_cleanup.patch was not
		entirely correct and could cause memory corruption in
		certain situations involving negative DNS replies (host not
		found etc)
severity	Major
date		2004-02-12 09:42
bugzilla	#891
versions	Squid-2.5.STABLE4-20031210 to 20040212
platforms	All

Files:

Revision	Action	file
1.102	modify	pkgsrc/www/squid/Makefile
1.48	modify	pkgsrc/www/squid/distinfo