68448 – [Maintainer] www/squid: fix FOLLOW_XFF, use vendor patch for NTLM vulnerability

Bug 68448 - [Maintainer] www/squid: fix FOLLOW_XFF, use vendor patch for NTLM vulnerability

Summary: [Maintainer] www/squid: fix FOLLOW_XFF, use vendor patch for NTLM vulnerability

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	freebsd-ports-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2004-06-28 17:30 UTC by Thomas-Martin Seck
Modified:	2004-06-28 17:56 UTC (History)
CC List:	0 users

See Also:

Attachments
file.diff (5.74 KB, patch) 2004-06-28 17:30 UTC, Thomas-Martin Seck	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas-Martin Seck 2004-06-28 17:30:25 UTC

- fix the patch that simulates the autotools bootstrap for the follow-xff-
  patchset (thanks to Michael Ranner for spotting the problem and
  testing the fix). While at it, wordsmith the comments in the patch.

- use the official patch for the NTLM auth helper vulnerability, see
  <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for details. This
  patch is functionally identical to the FreeBSD patch in
  files/patch-helpers-ntlm_auth-SMB-libntlmssp.c

- build install the SMB basic authentication helpers by default, too

- bump PORTREVISION

Note to committer:
please 'cvs rm' files/patch-helpers-ntlm_auth-SMB-libntlmssp.c

Fix: Apply this patch:

Comment 1 Kirill Ponomarev freebsd_committer

2004-06-28 17:56:12 UTC

State Changed
From-To: open->closed

Committed, thanks!