Log message:
pullup ticket 2438 requested by taca
squid: fixes security problems

pkgsrc/www/squid/Makefile	1.206,1.207
pkgsrc/www/squid/distinfo	1.138,1.139

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sat Jun 21 10:33:55 UTC 2008

   Modified Files:
   	pkgsrc/www/squid: Makefile distinfo

   Log message:
   Update squid package to 2.6.20 (2.6.STABLE20).
   It would be last 2.6 stable release.

   Changes to squid-2.6.STABLE20 (25 Apr 2008)

   	- Bug #2263: Custom log formats fail to log file sizes >2GB properly
   	  on 32-bit platforms
   	- Fix stripping NT domain in squid_ldap_group
   	- Bug #2278: Cache-Control: max-stale=0 forwarded wrongly as max-stale
   	(without delta)
   	- Bug #2283: Fails to parse chunked encoding using chunk extensions
   	- Bug #420: Deal properly with empty list HTTP header members
   	- Windows Server 2008 support
   	- Bug #1886: tcp_outgoing_address acl doesn't work with indirect
   	  source address (follow-x-forwarded-for)
   	- Bug #2296: Stuck in 100% CPU when fetching an corrupt peer digest
   	- Add support for the resolv.conf domain directive, and also
   	  automatically derived default domain
   	- minimum_icp_query_timeout directive
   	- Bug #2329: Range header ignored on HIT

   ------------------------------------------------------------------------

   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Jun 29 01:02:09 UTC 2008

   Modified Files:
   	pkgsrc/www/squid: Makefile distinfo

   Log message:
   Update www/squid package to 2.6.21 (2.6.STABLE21) which contains
   two security fixes:

   	- Bug #1993: Memory leak in http_reply_access deny processing
   	- Bug #2122: In some situations collapsed_forwarding could leak
   	  private information

   Changes to squid-2.6.STABLE21 (27 June 2008)

   	- Bug #2350: Bugs in Linux kernel capabilities code
   	- Bug #2241: weights not applied properly in round-robin peer
   	  selection
   	- Off by one error in DNS label decompression could cause valid DNS
   	  messages to be rejected
   	- logformat docs contain extra whitespace
   	- Reject ridiculously large ASN.1 lengths
   	- Fix SNMP reporting of counters with a value > 0xFF80000
   	- Correct spelling of WCCPv2 dst_port_hash to match the source
   	- Plug some "squid -k reconfigure" memory leaks. Mostly SSL related.
   	- Bug #1993: Memory leak in http_reply_access deny processing
   	- Bug #2122: In some situations collapsed_forwarding could leak
   	  private information
   	- Bug #2376: Round-Robin becomes unbalanced when a peer dies and comes
   	  back
   	- Bug #2387: The calculation of the number of hash buckets need to
   	  account for the memory size, not only disk size
   	- Bug #2393: DNS requests retried indefinitely at full speed on failed
   	  TCP connection
   	- Bug #2393: DNS retransmit queue could get hold up
   	- Correct socket syscalls statistics in commResetFD()