- Update www/squid to 2.7.STABLE6 - Update www/squid30 to 3.0.STABLE13 These updates address Squid-Advisory 2009:1. Proposed VuXML-Entry: <vuln vid="aecf2672-f3b9-11dd-8163-0048543d60ce"> <topic>Squid -- remote denial of service vulnerability</topic> <affects> <package> <name>squid</name> <range><ge>2.7.1</ge><lt>2.7.6</lt></range> <range><ge>3.0.1</ge><lt>3.0.13</lt></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>Squid security advisory 2009:1 reports:</p> <blockquote cite="http://www.squid-cache.org/Advisories/SQUID-2009_1.txt"> <p>Due to an internal error Squid is vulnerable to a denial of service attack when processing specially crafted requests.</p> <p>This problem allows any client to perform a denial of service attack on the Squid service.</p> </blockquote> </body> </description> <references> <url>http://secunia.com/advisories/33731/</url> </references> <dates> <discovery>2009-02-02</discovery> </dates> </vuln> Fix: Apply these patches: www/squid: www/squid30:
Responsible Changed From-To: freebsd-ports-bugs->miwi I'll take it.
miwi 2009-02-09 14:04:18 UTC FreeBSD ports repository Modified files: security/vuxml vuln.xml Log: - Document squid -- remote denial of service vulnerability PR: based on 131431 Revision Changes Path 1.1850 +31 -1 ports/security/vuxml/vuln.xml _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
miwi 2009-02-09 14:22:07 UTC FreeBSD ports repository Modified files: www/squid30 Makefile distinfo Log: - Update to 3.0.STABLE13 PR: 131431 Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) Security: http://www.vuxml.org/freebsd/9c2460a4-f6b1-11dd-94d9-0030843d3802.html Revision Changes Path 1.222 +1 -1 ports/www/squid30/Makefile 1.170 +3 -3 ports/www/squid30/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
miwi 2009-02-09 14:32:12 UTC FreeBSD ports repository Modified files: www/squid Makefile distinfo www/squid/files patch-configure patch-squid_kerb_auth Log: - Update 2.7.STABLE6 PR: 131431 Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) Security: http://www.vuxml.org/freebsd/9c2460a4-f6b1-11dd-94d9-0030843d3802.html Revision Changes Path 1.219 +1 -1 ports/www/squid/Makefile 1.167 +3 -3 ports/www/squid/distinfo 1.4 +5 -5 ports/www/squid/files/patch-configure 1.2 +117 -131 ports/www/squid/files/patch-squid_kerb_auth _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!