author | tron <tron@pkgsrc.org> | 2009-09-13 14:37:57 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2009-09-13 14:37:57 +0000 |
commit | 963fc954a8126e53340467a8b25aa5a676081fda (patch) | |
tree | 9a31f96550d882dfb13d6239a722854dbd902185 | |
parent | bd18ed3ea04d86e4e7c634c27fbd2979c81b415f (diff) | |
download | pkgsrc-963fc954a8126e53340467a8b25aa5a676081fda.tar.gz |
Pullup ticket #2888 - requested taca
squid27: security patch
Revisions pulled up:
- www/squid27/Makefile 1.8
- www/squid27/distinfo 1.5
- www/squid27/patches/patch-am 1.1
---
Module Name: pkgsrc
Committed By: taca
Date: Sun Sep 13 01:00:17 UTC 2009
Modified Files:
pkgsrc/www/squid27: Makefile distinfo
Added Files:
pkgsrc/www/squid27/patches: patch-am
Log Message:
Add CVE-2009-2855 DoS fix from squid's repository.
Bump PKGREVISION.
-rw-r--r-- | www/squid27/Makefile | 4 | ||||
-rw-r--r-- | www/squid27/distinfo | 3 | ||||
-rw-r--r-- | www/squid27/patches/patch-am | 37 |
3 files changed, 41 insertions, 3 deletions
diff --git a/www/squid27/Makefile b/www/squid27/Makefile
index 20cd4ef6d70..8b6c87bc764 100644
--- a/www/squid27/Makefile
+++ b/www/squid27/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.7 2009/07/01 02:17:46 taca Exp $
+# $NetBSD: Makefile,v 1.7.2.1 2009/09/13 14:37:57 tron Exp $
 
 DISTNAME= squid-2.7.STABLE6
 PKGNAME= ${DISTNAME:S/STABLE//}
-PKGREVISION= 1
+PKGREVISION= 2
 CATEGORIES= www
 MASTER_SITES= ${SQUID_MASTER_SITES} \
 http://www.squid-cache.org/Versions/v2/2.7/
diff --git a/www/squid27/distinfo b/www/squid27/distinfo
index 0dcfe5c6df6..d197f33a045 100644
--- a/www/squid27/distinfo
+++ b/www/squid27/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.4 2009/02/05 13:43:06 taca Exp $
+$NetBSD: distinfo,v 1.4.4.1 2009/09/13 14:37:57 tron Exp $
 
 SHA1 (squid-2.7.STABLE6.tar.bz2) = b4b323be1ff3617a22070c243b2504f30d6b302d
 RMD160 (squid-2.7.STABLE6.tar.bz2) = d804175b95c6b026abed505b086eeaa2c479d2e2
@@ -15,3 +15,4 @@ SHA1 (patch-ai) = bf6438e8fb577342c782d2b729add0698bf99e9c
 SHA1 (patch-aj) = f1d18a900d7ada0985499979398bb12dace3ee40
 SHA1 (patch-ak) = 6863cac0fe9100f4b8c3c05cb321324a4abf0a4c
 SHA1 (patch-al) = 43ff4508d964d273227263b7a623d67725e8b7bd
+SHA1 (patch-am) = 2d098a9da3ba83a340cd9552950cc02e3de47cf9
diff --git a/www/squid27/patches/patch-am b/www/squid27/patches/patch-am
new file mode 100644
index 00000000000..2a731773289
--- /dev/null
+++ b/www/squid27/patches/patch-am
@@ -0,0 +1,37 @@
+$NetBSD: patch-am,v 1.1.2.2 2009/09/13 14:37:57 tron Exp $
+
+* A patch for CVE-2009-2855 DoS fix from squid's repositry: PatchSet 12541.
+
+--- src/HttpHeaderTools.c.orig 2008-04-02 10:00:11.000000000 +0900
++++ src/HttpHeaderTools.c
+@@ -239,6 +239,10 @@ int
+ strListGetItem(const String * str, char del, const char **item, int *ilen, const char **pos)
+ {
+ size_t len;
++ /* ',' is always enabled as field delimiter as this is required for
++ * processing merged header values properly, even if Cookie normally
++ * uses ';' as delimiter.
++ */
+ static char delim[3][8] =
+ {
+ "\"?,",
+@@ -261,16 +265,15 @@ strListGetItem(const String * str, char
+ /* find next delimiter */
+ do {
+ *pos += strcspn(*pos, delim[quoted]);
+- if (**pos == del)
+- break;
+ if (**pos == '"') {
+ quoted = !quoted;
+ *pos += 1;
+- }
+- if (quoted && **pos == '\\') {
++ } else if (quoted && **pos == '\\') {
+ *pos += 1;
+ if (**pos)
+ *pos += 1;
++ } else {
++ break; /* Delimiter found, marking the end of this value */
+ }
+ } while (**pos);
+ len = *pos - *item; /* *pos points to del or '\0' */ |
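Review bot: The rewritten do/while in strListGetItem (second hunk of patch-am) has no comment stating the invariant the fix relies on: every pass must either advance `*pos` or leave the loop. In the removed version, a character that stopped `strcspn` but was neither `del`, `"` nor a backslash inside quotes left `*pos` unchanged while `**pos` stayed non-zero, which appears to be the hang tracked as CVE-2009-2855. I would add `/* each pass must advance *pos or break; a stop character matching no branch ends the item */` above the `do {`. The new `else` also ends an item at ',' when the caller passed a different `del`, so callers splitting on ';' presumably now receive comma-separated pieces; the comment added on `delim` says this is intended, but it belongs in the function's header comment as well, which lies outside the hunk along with the rest of the `delim` table.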