Path to this page:
Subject: CVS commit: pkgsrc/www/squid3
From: Takahiro Kambe
Date: 2018-04-30 10:57:49
Message id: 20180430085749.E6D2FFBEC@cvs.NetBSD.org
Log Message:
www/squid3: Add official security patch SQUID-2018_3
Add security patch for SQUID-2018_3.
Bump PKGREVISION.
http://www.squid-cache.org/Advisories/SQUID-2018_3.txt
__________________________________________________________________
Problem Description:
Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses.
__________________________________________________________________
Severity:
This problem allows a remote server delivering ESI responses
to trigger a denial of service for all clients accessing the
Squid service.
This problem is limited to Squid operating as reverse proxy.
Files: