Bug 208939

Summary: www/squid: update to 3.5.17 (CVE-2016-4052, CVE-2016-4053, CVE-2016-4054/SQUID-2016:6)
Product: Ports & Packages
Reporter: Pavel Timofeev <timp87>
Component: Individual Port(s)
Assignee: Kurt Jaeger <pi>
Status: Closed FIXED
Severity: Affects Some People
CC: pi
Priority: ---
Flags: pi: maintainer-feedback+, pi: merge-quarterly+
Version: Latest
Hardware: amd64
OS: Any
Attachments:
Description Flags
port patch timp87: maintainer-approval+

Description Pavel Timofeev 2016-04-20 18:10:59 UTC
Created attachment 169499
port patch

SQUID-2016:6 (CVE-2016-4052, CVE-2016-4053, CVE-2016-4054), Apr 20, 2016
Fixed from 4.0.9, 3.5.17 
Multiple issues in ESI processing

http://www.squid-cache.org/Advisories/SQUID-2016_5.txt
Comment 1 Kurt Jaeger freebsd_committer freebsd_triage 2016-04-20 18:28:59 UTC
testbuilds@work
Comment 2 commit-hook freebsd_committer freebsd_triage 2016-04-20 18:49:58 UTC
A commit references this bug:

Author: pi
Date: Wed Apr 20 18:49:29 UTC 2016
New revision: 413697
URL: https://svnweb.freebsd.org/changeset/ports/413697

Log:
  www/squid: 3.5.16 -> 3.5.17

  Changes:
    http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID_3_5_17.html
    http://www.squid-cache.org/Advisories/SQUID-2016_5.txt

  PR:		208939
  Submitted by:	Pavel Timofeev <timp87@gmail.com> (maintainer)
  MFH:		2016Q2
  Security:	CVE-2016-4052, CVE-2016-4053, CVE-2016-4054

Changes:
  head/www/squid/Makefile
  head/www/squid/distinfo
Comment 3 commit-hook freebsd_committer freebsd_triage 2016-04-21 02:02:28 UTC
A commit references this bug:

Author: junovitch
Date: Thu Apr 21 02:01:29 UTC 2016
New revision: 413710
URL: https://svnweb.freebsd.org/changeset/ports/413710

Log:
  Document squid -- multiple vulnerabilities

  PR:		208939
  Reported by:	Pavel Timofeev <timp87@gmail.com>
  Security:	CVE-2016-4054
  Security:	CVE-2016-4053
  Security:	CVE-2016-4052
  Security:	CVE-2016-4051
  Security:	https://vuxml.FreeBSD.org/freebsd/e05bfc92-0763-11e6-94fa-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml
Comment 4 commit-hook freebsd_committer freebsd_triage 2016-04-21 07:44:56 UTC
A commit references this bug:

Author: pi
Date: Thu Apr 21 07:44:45 UTC 2016
New revision: 413719
URL: https://svnweb.freebsd.org/changeset/ports/413719

Log:
  MFH: r413688 r413697

  www/squid: Add all available official patches up to 14031

  It fixes two annoying and long-standing problems:
  - header forgery detection (using sslbump) leads to crash
  - add chained certificates and signing certificate to
    peek-then-bumped connections.

  PR:		207901
  Submitted by:	Pavel Timofeev <timp87@gmail.com> (maintainer)
  Reported by:	Christophe Anselme-Moizan <christophe.anselmemoizan@orange.com>

  www/squid: 3.5.16 -> 3.5.17

  Changes:
    http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID_3_5_17.html
    http://www.squid-cache.org/Advisories/SQUID-2016_5.txt

  PR:		208939
  Submitted by:	Pavel Timofeev <timp87@gmail.com> (maintainer)
  Security:	CVE-2016-4052, CVE-2016-4053, CVE-2016-4054

  Approved by:	ports-secteam (junovitch)

Changes:
_U  branches/2016Q2/
  branches/2016Q2/www/squid/Makefile
  branches/2016Q2/www/squid/distinfo
  branches/2016Q2/www/squid/files/patch-src__ip__Intercept.cc