pkgsrc.se | The NetBSD package collection

./www/squid3, Post-Harvest_cached WWW proxy cache and accelerator

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q1, Version: 3.5.27nb3, Package name: squid-3.5.27nb3, Maintainer: pkgsrc-users

Squid is a fully-featured HTTP/1.0 proxy with partial HTTP/1.1 support
The 3.1 series brings many new features and upgrades to the basic
networking protocols. A short list of the major new features is:

* Connection Pinning (for NTLM Auth Passthrough)
* Native IPv6
* Quality of Service (QoS) Flow support
* Native Memory Cache
* SSL Bump (for HTTPS Filtering and Adaptation)
* TProxy v4.1+ support
* eCAP Adaptation Module support
* Error Page Localization
* Follow X-Forwarded-For support
* X-Forwarded-For options extended (truncate, delete, transparent)
* Peer-Name ACL
* Reply headers to external ACL.
* ICAP and eCAP Logging
* ICAP Service Sets and Chains
* ICY (SHOUTcast) streaming protocol support
* HTTP/1.1 support on connections to web servers and peers.
(with plans to make this full support within the 3.1 series)

Required to run:
[lang/perl5] [devel/libltdl]

Required to build:
[pkgtools/cwrappers]

Package options: inet6, snmp, squid-backend-diskd, squid-carp, squid-ipf, squid-pam-helper, squid-unlinkd, ssl

Master sites: (Expand)

SHA1: 1e69c96d13cd49844da3bcf33a0b428fbe7b6f77
RMD160: d3426f5d4ebda4834d069b4cc4bb3366fc4873b4
Filesize: 2249.48 KB

Version history: (Expand)

(2018-05-06) Updated to version: squid-3.5.27nb3
(2018-04-04) Package added to pkgsrc.se, version squid-3.5.27nb2 (created)

CVS history: (Expand)

2018-05-06 13:58:34 by S.P.Zeidler | Files touched by this commit (2)

Log message:
Pullup ticket #5752 - requested by taca
www/squid3: security patch

Revisions pulled up:
- www/squid3/Makefile                                           1.81
- www/squid3/distinfo                                           1.63

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Mon Apr 30 08:57:49 UTC 2018

   Modified Files:
   	pkgsrc/www/squid3: Makefile distinfo

   Log message:
   www/squid3: Add official security patch SQUID-2018_3

   Add security patch for SQUID-2018_3.

   Bump PKGREVISION.

   http://www.squid-cache.org/Advisories/SQUID-2018_3.txt

   __________________________________________________________________

   Problem Description:

    Due to incorrect pointer handling Squid is vulnerable to denial
    of service attack when processing ESI responses.

   __________________________________________________________________

   Severity:

    This problem allows a remote server delivering ESI responses
    to trigger a denial of service for all clients accessing the
    Squid service.

    This problem is limited to Squid operating as reverse proxy.

   To generate a diff of this commit:
   cvs rdiff -u -r1.80 -r1.81 pkgsrc/www/squid3/Makefile
   cvs rdiff -u -r1.62 -r1.63 pkgsrc/www/squid3/distinfo