diff options
| -rw-r--r-- | www/squid27/Makefile | 4 | ||||
| -rw-r--r-- | www/squid27/distinfo | 3 | ||||
| -rw-r--r-- | www/squid27/patches/patch-ao | 25 |
3 files changed, 29 insertions, 3 deletions
diff --git a/www/squid27/Makefile b/www/squid27/Makefile index e0d66f26b77..061fb04c5d3 100644 --- a/www/squid27/Makefile +++ b/www/squid27/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.11 2010/02/02 14:43:57 taca Exp $ +# $NetBSD: Makefile,v 1.12 2010/02/14 13:27:52 taca Exp $ DISTNAME= squid-2.7.STABLE7 PKGNAME= ${DISTNAME:S/STABLE//} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= www MASTER_SITES= ${SQUID_MASTER_SITES} \ http://www.squid-cache.org/Versions/v2/2.7/ diff --git a/www/squid27/distinfo b/www/squid27/distinfo index 925e523de3e..2aec2932ee8 100644 --- a/www/squid27/distinfo +++ b/www/squid27/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.7 2010/02/02 14:43:57 taca Exp $ +$NetBSD: distinfo,v 1.8 2010/02/14 13:27:52 taca Exp $ SHA1 (squid-2.7.STABLE7.tar.bz2) = 0729116f309093e4f141e000136cdec39290628a RMD160 (squid-2.7.STABLE7.tar.bz2) = a13df321fb0831de963c77f6e33e3f374634d353 @@ -16,3 +16,4 @@ SHA1 (patch-aj) = c5c7cd10a63a5066eee63988775f71758ed5463e SHA1 (patch-ak) = 6863cac0fe9100f4b8c3c05cb321324a4abf0a4c SHA1 (patch-al) = a9e957a90dc6956e59668c297dd8566642baecff SHA1 (patch-an) = 9170bdd57f5428e7b64b4db2e1ffdee3c032643e +SHA1 (patch-ao) = 5df91c372baf8d81fcb47a5e847c7ed77bed8d7a diff --git a/www/squid27/patches/patch-ao b/www/squid27/patches/patch-ao new file mode 100644 index 00000000000..59ef9174e90 --- /dev/null +++ b/www/squid27/patches/patch-ao @@ -0,0 +1,25 @@ +$NetBSD: patch-ao,v 1.1 2010/02/14 13:27:52 taca Exp $ + +This is fix for security problem: + +http://www.squid-cache.org/Advisories/SQUID-2010_2.txt + +Since the announced patch contains RCS style revision string, it never +applied to clearly. + +http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch. + +--- src/htcp.c.orig 2008-05-04 23:23:13.000000000 +0000 ++++ src/htcp.c +@@ -950,6 +950,11 @@ htcpHandleClr(htcpDataHeader * hdr, char + debug(31, 3) ("htcpHandleClr: htcpUnpackSpecifier failed\n"); + return; + } ++ if (!s->request) { ++ debug(31, 2) ("htcpHandleTstRequest: failed to parse request\n"); ++ htcpFreeSpecifier(s); ++ return; ++ } + if (!htcpAccessCheck(Config.accessList.htcp_clr, s, from)) { + debug(31, 2) ("htcpHandleClr: Access denied\n"); + htcpFreeSpecifier(s); |