Bug 244026

Summary:

www/squid: Update to 4.10

Product:

Ports & Packages

Reporter:

Pavel Timofeev <timp87>

Component:

Individual Port(s)

Assignee:

Kurt Jaeger <pi>

Status:

Closed FIXED

Severity:

Affects Many People

CC:

m.muenz, pi, ports-secteam, timp87

Priority:

Normal

Keywords:

needs-qa

Version:

Latest

Flags:

koobs: maintainer-feedback? (timp87)
koobs: merge-quarterly?

Hardware:

Any

OS:

Any

Bug Depends on:

245433

Bug Blocks:

Attachments:

Description	Flags
port patch	none

Description Pavel Timofeev 2020-02-10 15:28:36 UTC

Created attachment 211538 [details]
port patch

- Update squid to 4.10
- Remove patch-src_security_ServerOptions.h as upstream changed

Comment 1 Pavel Timofeev 2020-02-10 15:29:44 UTC

Also there were several security issues fixed in this release:
http://www.squid-cache.org/Advisories/SQUID-2020_1.txt
http://www.squid-cache.org/Advisories/SQUID-2020_2.txt
http://www.squid-cache.org/Advisories/SQUID-2020_3.txt

Comment 2 Pavel Timofeev 2020-02-10 15:30:30 UTC

(In reply to timp87 from comment #1)
Thanks to Raúl Muñoz to pointing to them

Comment 3 Kurt Jaeger freebsd_committer

2020-02-11 19:46:56 UTC

TODO: vuxml entries

Comment 4 commit-hook freebsd_committer

2020-02-11 19:47:37 UTC

A commit references this bug:

Author: pi
Date: Tue Feb 11 19:46:52 UTC 2020
New revision: 525889
URL: https://svnweb.freebsd.org/changeset/ports/525889

Log:
  www/squid: upgrade 4.9 -> 4.10

  PR:		244026
  Submitted by:	timp87@gmail.com (maintainer)
  Relnotes:	http://lists.squid-cache.org/pipermail/squid-announce/2020-February/000107.html
  Security:	http://www.squid-cache.org/Advisories/SQUID-2020_1.txt
  		http://www.squid-cache.org/Advisories/SQUID-2020_2.txt
  		http://www.squid-cache.org/Advisories/SQUID-2020_3.txt

Changes:
  head/www/squid/Makefile
  head/www/squid/distinfo
  head/www/squid/files/patch-src_security_ServerOptions.h

Comment 5 Michael Muenz 2020-04-06 09:26:18 UTC

I think this issue can be closed now?

Comment 6 Kurt Jaeger freebsd_committer

2020-04-07 18:49:09 UTC

It still needs vuxml entries. Any volunteers 8-} ?

Comment 7 Michael Muenz 2020-04-07 20:08:34 UTC

I take it .. will link the PR later.

Comment 8 Kubilay Kocak freebsd_committer

2020-04-08 00:12:50 UTC

Is www/squid3 also affected by the security vulnerability? Is there a separate patch for this (3.x) branch? Have upstream already merged changes to that branch?

Comment 9 Kubilay Kocak freebsd_committer

2020-04-08 00:13:26 UTC

(In reply to Kurt Jaeger from comment #6)

VuXML in bug 245433 (now a dependent of this issue)

Comment 10 Michael Muenz 2020-04-08 02:57:02 UTC

(In reply to Kubilay Kocak from comment #8)

www/squid3 is also affected but upstream only provide patches, no real releases (as described in vendor SA's above). Maybe squid3 port maintainer can add them?

Comment 11 Pavel Timofeev 2020-04-08 03:35:21 UTC

www/squid3 is abandoned by upstream almost 2 years ago. I'd rather prefer removing www/squid3 from the ports tree

Comment 12 Kurt Jaeger freebsd_committer

2020-05-03 21:30:03 UTC

vuxml done