Bug 72581
| Summary: | [Maintainer] www/squid: update to 2.5-STABLE7 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Thomas-Martin Seck <tmseck> | ||||
| Component: | Individual Port(s) | Assignee: | Sergei Kolobov <sergei> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | CC: | security-team | ||||
| Priority: | Normal | ||||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
Responsible Changed From-To: freebsd-ports-bugs->sergei Grab. State Changed From-To: open->closed Committed, thanks! |
- Update to 2.5-STABLE7; this release fixes a security issue regarding the SNMP module (security team CC'ed, see below for a proposed VuXML database entry) - Remove a patch that is now part of the distribution - Miscellaneuous small fixes: + in squid.sh, make stop_command poll for the squid processes' exit in the rcNG case too; this eliminates the need to do this in restart_command + make the information regarding rcNG'ness in pkg-install easier to read + install unstripped binaries if WITH_SQUID_STACKTRACES is defined Note to committer: please 'cvs rm' files/patch-configure Proposed VuXML database entry regarding the SNMP issue: <topic>Denial of Service Issue in squid SNMP module</topic> <affects> <package> <name>squid</name> <range><lt>2.5.7</lt></range> <package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>If a certain malformed SNMP request is received squid restarts with a Segmentation Fault error.</p> <p>This only affects squid installations where SNMP is explicitly enabled via "make config". As a workaround, SNMP can be disabled by defining "snmp_port 0" in squid.conf.</p> </body> </description> <references> <cvename>CAN-2004-0918</cvename> <url>http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-SNMP_core_dump</url> </references> <dates> <discovery>2004-09-29</discovery> </dates> Fix: Apply this patch: