Bug 207454 - www/squid: update to 3.5.15
Summary: www/squid: update to 3.5.15
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Some People
Assignee: Jason Unovitch
URL:
Keywords: easy, patch, patch-ready, security
Depends on:
Blocks:
 
Reported: 2016-02-24 06:14 UTC by timp87
Modified: 2016-02-28 00:51 UTC (History)
2 users (show)

See Also:
junovitch: merge-quarterly+


Attachments
port patch (1002 bytes, patch)
2016-02-24 06:14 UTC, timp87
timp87: maintainer-approval+
Details | Diff
poudriere log (858.97 KB, text/x-log)
2016-02-24 07:17 UTC, timp87
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description timp87 2016-02-24 06:14:34 UTC
Created attachment 167349 [details]
port patch

Hello!
Update our www/squid to 3.5.15.
I'll provide Q&A a bit later.
Comment 1 timp87 2016-02-24 07:17:50 UTC
Created attachment 167355 [details]
poudriere log
Comment 2 commit-hook freebsd_committer 2016-02-24 11:46:43 UTC
A commit references this bug:

Author: junovitch
Date: Wed Feb 24 11:46:10 UTC 2016
New revision: 409460
URL: https://svnweb.freebsd.org/changeset/ports/409460

Log:
  Document squid remote DoS in HTTP response processing

  PR:		207454
  Reported by:	Pavel Timofeev <timp87@gmail.com>
  Security:	https://vuxml.FreeBSD.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml
Comment 3 Jason Unovitch freebsd_committer 2016-02-24 11:54:41 UTC
I'm mostly AFK for a bit but I did the VuXML for this PR... Fix the tags and add CCs.
Comment 4 commit-hook freebsd_committer 2016-02-25 01:09:48 UTC
A commit references this bug:

Author: junovitch
Date: Thu Feb 25 01:09:22 UTC 2016
New revision: 409487
URL: https://svnweb.freebsd.org/changeset/ports/409487

Log:
  www/squid: update 3.5.14 -> 3.5.15

  Changes:
  * Bug 3870 assertion failed: String.cc: 'len_ + len <65536' in ESI::CustomParser
  * Fix multiple assertion on String overflows
  * Fix unit test errors on MacOS
  * Better handling of huge response headers. Fewer incorrect "Bug #3279" messages
  * Log noise reduction for eCAP

  PR:		207454
  Submitted by:	Pavel Timofeev <timp87@gmail.com> (maintainer)
  Security:	https://vuxml.FreeBSD.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html
  X-MFH-With:	r406625, r409148

Changes:
  head/www/squid/Makefile
  head/www/squid/distinfo
Comment 5 commit-hook freebsd_committer 2016-02-25 03:09:00 UTC
A commit references this bug:

Author: junovitch
Date: Thu Feb 25 03:08:09 UTC 2016
New revision: 409491
URL: https://svnweb.freebsd.org/changeset/ports/409491

Log:
  MFH: r406625, r409148, r409487

  www/squid: update 3.5.12 -> 3.5.15

  PR:             206127
  PR:             207294
  PR:             207454
  Submitted by:   Pavel Timofeev <timp87@gmail.com> (maintainer)
  Approved by:	ports-secteam (miwi)
  Security:       CVE-2016-2390
  Security:       https://vuxml.FreeBSD.org/freebsd/56562efb-d5e4-11e5-b2bd-002590263bf5.html
  Security:       https://vuxml.FreeBSD.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html

Changes:
_U  branches/2016Q1/
  branches/2016Q1/www/squid/Makefile
  branches/2016Q1/www/squid/distinfo
Comment 6 commit-hook freebsd_committer 2016-02-28 00:51:10 UTC
A commit references this bug:

Author: junovitch
Date: Sun Feb 28 00:50:12 UTC 2016
New revision: 409709
URL: https://svnweb.freebsd.org/changeset/ports/409709

Log:
  Revise Squid entry with CVE assignment and SQUID-2016:2 advisory reference

  PR:		207454
  Reported by:	Pavel Timofeev <timp87@gmail.com>
  Security:	CVE-2016-2569
  Security:	CVE-2016-2570
  Security:	CVE-2016-2571
  Security:	https://vuxml.FreeBSD.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml