Created attachment 211538 [details]
- Update squid to 4.10
- Remove patch-src_security_ServerOptions.h as upstream changed
Also there were several security issues fixed in this release:
(In reply to timp87 from comment #1)
Thanks to Raúl Muñoz to pointing to them
TODO: vuxml entries
A commit references this bug:
Date: Tue Feb 11 19:46:52 UTC 2020
New revision: 525889
www/squid: upgrade 4.9 -> 4.10
Submitted by: firstname.lastname@example.org (maintainer)
I think this issue can be closed now?
It still needs vuxml entries. Any volunteers 8-} ?
I take it .. will link the PR later.
Is www/squid3 also affected by the security vulnerability? Is there a separate patch for this (3.x) branch? Have upstream already merged changes to that branch?
(In reply to Kurt Jaeger from comment #6)
VuXML in bug 245433 (now a dependent of this issue)
(In reply to Kubilay Kocak from comment #8)
www/squid3 is also affected but upstream only provide patches, no real releases (as described in vendor SA's above). Maybe squid3 port maintainer can add them?
www/squid3 is abandoned by upstream almost 2 years ago. I'd rather prefer removing www/squid3 from the ports tree