Update to 2.6.STABLE12. This update fixes a denial of service vulnerability in the TRACE method.

Proposed VuXML entry, entry date left to be filled in:

<vuln vid="b5affc11-d793-11db-9f0f-0048543d60ce">
  <topic>squid -- TRACE method handling denial of service</topic>
  <affects>
    <package>
      <name>squid</name>
      <range><ge>2.6.1</ge><lt>2.6.12</lt></range>
    </package>
  </affects>
  <description>
    <body xmlns="http://www.w3.org/1999/xhtml">
      <p>Squid advisory 2007:1 notes:</p>
      <blockquote cite="http://www.squid-cache.org/Advisories/SQUID-2007_1.txt">
        <p>Due to an internal error Squid-2.6 is vulnerable to a denial of service attack when processing the TRACE request method.</p>
        <p>Workarounds:</p>
        <p>To work around the problem deny access to using the TRACE method by inserting the following two lines before your first http_access rule</p>
        <p>acl TRACE method TRACE</p>
        <p>http_access deny TRACE</p>
      </blockquote>
    </body>
  </description>
  <references>
    <url>http://www.squid-cache.org/Advisories/SQUID-2007_1.txt</url>
  </references>
  <dates>
    <discovery>2007-03-20</discovery>
  </dates>
</vuln>

Fix: Apply this patch:
Responsible Changed
From-To: freebsd-ports-bugs->miwi

I'll take it.
miwi        2007-03-21 13:13:07 UTC

  FreeBSD ports repository

  Modified files:
    www/squid            Makefile distinfo
  Log:
  - Update to 2.6.STABLE.12

  PR:             110610
  Submitted by:   Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
  Security:       http://www.vuxml.org/freebsd/c27bc173-d7aa-11db-b141-0016179b2dd5.html

  Revision  Changes    Path
  1.197     +2 -2      ports/www/squid/Makefile
  1.153     +3 -3      ports/www/squid/distinfo
State Changed
From-To: open->closed

Committed. Thanks!
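
The workaround quoted from the advisory only helps if the TRACE deny rule is evaluated before any rule that could allow the request. The following is an added example, not part of the PR, the advisory or the Squid project: a small audit of squid.conf text that checks this ordering. It generalizes the advisory's "before your first http_access rule" to "before any http_access allow rule", since http_access rules are evaluated in order and the first match wins. The function name and the sample configurations are hypothetical, and text after "#" on a line is assumed to be a comment.

```python
# Added example: audit a squid.conf for the advisory's TRACE workaround.
# The sample configurations below are constructed for illustration.

def check_trace_workaround(conf_text):
    """Return (ok, reason): is TRACE denied before any http_access allow rule?"""
    trace_acls = set()  # names of method ACLs defined so far that include TRACE
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, then tokenize
        if not fields:
            continue
        if fields[0] == "acl" and len(fields) >= 4 and fields[2] == "method":
            if "TRACE" in (value.upper() for value in fields[3:]):
                trace_acls.add(fields[1])
        elif fields[0] == "http_access" and len(fields) >= 3:
            action, acls = fields[1], fields[2:]
            # ACLs on one http_access line are ANDed, so only a rule naming the
            # TRACE ACL alone is counted as denying every TRACE request.
            if action == "deny" and len(acls) == 1 and acls[0] in trace_acls:
                return True, f"line {lineno}: TRACE denied before any allow rule"
            if action == "allow":
                return False, f"line {lineno}: allow rule precedes any TRACE deny"
    return False, "no http_access rule denies TRACE"

GOOD_CONF = """\
acl all src 0.0.0.0/0.0.0.0
acl TRACE method TRACE
http_access deny TRACE
http_access allow all
"""

BAD_ORDER = """\
acl localnet src 192.168.0.0/255.255.0.0
http_access allow localnet
acl TRACE method TRACE
http_access deny TRACE
"""

NARROWED = """\
acl localnet src 192.168.0.0/255.255.0.0
acl TRACE method TRACE
http_access deny TRACE !localnet
http_access allow localnet
"""

if __name__ == "__main__":
    for name in ("GOOD_CONF", "BAD_ORDER", "NARROWED"):
        print(name, check_trace_workaround(globals()[name]))
```

The check is deliberately conservative: a deny rule that combines the TRACE ACL with other ACLs is reported as not satisfying the workaround, even where the rest of the rule set would happen to block TRACE.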