Bug 193737

Summary: security fix for squids
Product: Ports & Packages Reporter: Pavel Timofeev <timp87>
Component: Individual Port(s)Assignee: Guido Falsi <madpilot>
Status: Closed FIXED    
Severity: Affects Many People CC: madpilot
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
www/squid
none
www/squid33 none

Description Pavel Timofeev 2014-09-18 08:26:07 UTC 
Created attachment 147427 [details]
www/squid

Some security vulnerabilities were reported for squid.
Developers released squid-3.4.8 with that fixed. They also released patches for squid-3.3.13

Here is info http://squidproxy.wordpress.com/2014/09/07/squid-cache-org-outage/

Here is two diffs for our ports tree which update www/squid to lastest 3.4.8 and add official patches to www/squid33.
Comment 1 Pavel Timofeev 2014-09-18 08:26:25 UTC 
Created attachment 147428 [details]
www/squid33
Comment 2 commit-hook freebsd_committer freebsd_triage 2014-09-18 13:21:32 UTC 
A commit references this bug:

Author: madpilot
Date: Thu Sep 18 13:20:58 UTC 2014
New revision: 368455
URL: http://svnweb.freebsd.org/changeset/ports/368455

Log:
  Document new squid vulnerability.

  PR:		193737
  Submitted by:	timp87 at gmail.com
  MFH:		2014Q3

Changes:
  head/security/vuxml/vuln.xml
Comment 3 commit-hook freebsd_committer freebsd_triage 2014-09-18 13:24:34 UTC 
A commit references this bug:

Author: madpilot
Date: Thu Sep 18 13:24:03 UTC 2014
New revision: 368457
URL: http://svnweb.freebsd.org/changeset/ports/368457

Log:
  Update squid to 3.4.8 and add patches to squid33.

  This update addresses CVE-2014-6270.

  PR:		193737
  Submitted by:	timp87 at gmail.com

Changes:
  head/www/squid/Makefile
  head/www/squid/distinfo
  head/www/squid33/Makefile
  head/www/squid33/distinfo
Comment 4 Guido Falsi freebsd_committer freebsd_triage 2014-09-18 13:28:53 UTC 
Committed, with minor changes.

Thanks.