add 2 distribution patches: (and fix a mistake in the HTML quoting patch)

squid-2.3.stable4-accel_only_access.patch clientAccessCheck incorrectly returns ACCESS_ALLOWED for proxy requests when configured as an HTTP accelerator only squid-2.3.stable4-html_quoting.patch Everywhere where Squid inserts text received from the network into a HTML page (error pages, FTP listings, Gopher listings, ...) care must be taken to ensure that the text is properly encoded as HTML, or a malicious user might be able to insert script code or other HTML tags, and exploit the web browser of any user visiting their page or clicking on that funny link received in a email..
2000-11-17 22:35:52 +00:00 · 2000-11-17 22:35:52 +00:00 · da5b4b0e75
commit da5b4b0e75
parent 2996ab835f
3 changed files with 25 additions and 9 deletions
--- a/www/squid/Makefile
+++ b/www/squid/Makefile
@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.26 2000/10/08 20:37:08 brad Exp $
+# $OpenBSD: Makefile,v 1.27 2000/11/17 22:35:52 brad Exp $

 DISTNAME=	squid-2.3.STABLE4
 PKGNAME=	squid-2.3
 CATEGORIES=	www
-NEED_VERSION=	1.330
+NEED_VERSION=	1.336
 MASTER_SITES=	http://www.squid-cache.org/Versions/v2/2.3/
 MASTER_SITES0=	http://www.squid-cache.org/Versions/v2/2.3/bugs/
 EXTRACT_SUFX=	-src.tar.gz
@ -12,7 +12,9 @@ DIST_SUBDIR=	squid
 PATCHFILES=	squid-2.3.stable4-ftp_icon_not_found.patch:0 \
 		squid-2.3.stable4-internal_dns_rcode_table_formatting.patch:0 \
 		squid-2.3.stable4-ipfw_configure.patch:0 \
-		squid-2.3.stable4-invalid_ip_acl_entry.patch:0
+		squid-2.3.stable4-invalid_ip_acl_entry.patch:0 \
+		squid-2.3.stable4-accel_only_access.patch:0 \
+		squid-2.3.stable4-html_quoting.patch:0

 HOMEPAGE=	http://www.squid-cache.org/

--- a/www/squid/files/md5
+++ b/www/squid/files/md5
@ -1,15 +1,21 @@
 MD5 (squid/squid-2.3.STABLE4-src.tar.gz) = c38c083f44c222a8d026fa129c30b98f
+MD5 (squid/squid-2.3.stable4-accel_only_access.patch) = db8e4eb9c1712a4adde7e9aaed0b5249
 MD5 (squid/squid-2.3.stable4-ftp_icon_not_found.patch) = f1383b24672f9a8317c2c16302a94eaa
+MD5 (squid/squid-2.3.stable4-html_quoting.patch) = 9f9d8ed38e3706ba4e6d851fae35f1bf
 MD5 (squid/squid-2.3.stable4-internal_dns_rcode_table_formatting.patch) = bec46f5a1fcbd9aa1deb9d518c5c11a5
 MD5 (squid/squid-2.3.stable4-invalid_ip_acl_entry.patch) = 436eb77056bed5d45547c739d1123bd3
 MD5 (squid/squid-2.3.stable4-ipfw_configure.patch) = 4453c53a712280a26fdca42c950bc94f
 RMD160 (squid/squid-2.3.STABLE4-src.tar.gz) = 0719f8e916b7f4cd011abcd17faf3ec68339c9b2
+RMD160 (squid/squid-2.3.stable4-accel_only_access.patch) = 81abb8b22d8f3dc2ed0538e335754e253ca489bc
 RMD160 (squid/squid-2.3.stable4-ftp_icon_not_found.patch) = 8e01afa8a06e54a2ac6f4ac28a3c79d03d69ffd7
+RMD160 (squid/squid-2.3.stable4-html_quoting.patch) = f5be2c30f31fd9f69e1acd375d45432b5d076b5b
 RMD160 (squid/squid-2.3.stable4-internal_dns_rcode_table_formatting.patch) = cd1522b16eabe046b80076eac8e89c992ca4ffd4
 RMD160 (squid/squid-2.3.stable4-invalid_ip_acl_entry.patch) = 1447cb011f6e472e65e27690d7dfbe5589ecab59
 RMD160 (squid/squid-2.3.stable4-ipfw_configure.patch) = 3c895c9800d86a32cd73d192c1d97a76db8493ee
 SHA1 (squid/squid-2.3.STABLE4-src.tar.gz) = 69fba1c0c14ff7b40837ab6357eed706ad55b3ae
+SHA1 (squid/squid-2.3.stable4-accel_only_access.patch) = e6f6932e5e5c4a5dde462dcce221ee9fb0a2342d
 SHA1 (squid/squid-2.3.stable4-ftp_icon_not_found.patch) = 59fca251f4250d7a4580aeb40190abe144575285
+SHA1 (squid/squid-2.3.stable4-html_quoting.patch) = d1691ef351e8c41600271e68ebc9c835232f3cb4
 SHA1 (squid/squid-2.3.stable4-internal_dns_rcode_table_formatting.patch) = 4403fe55cb75762c24701d45e1a36789cd7c84e5
 SHA1 (squid/squid-2.3.stable4-invalid_ip_acl_entry.patch) = 8792fcad959176f62a20ff2b8892303e0026bf65
 SHA1 (squid/squid-2.3.stable4-ipfw_configure.patch) = fd5b0464723312c1e73f2b027ab3baa0220be6e9
--- a/www/squid/patches/patch-aj
+++ b/www/squid/patches/patch-aj
@ -1,12 +1,20 @@
--- lib/Makefile.in.orig	Wed Jun 28 01:35:09 2000
-+++ lib/Makefile.in	Wed Jun 28 01:35:26 2000
-@@ -48,6 +48,9 @@
+--- lib/Makefile.in.orig	Wed Jul  7 15:14:26 1999
+++ lib/Makefile.in	Fri Nov 17 17:01:28 2000
+@@ -39,6 +39,7 @@
+ 		  Stack.o \
+ 		  hash.o \
+ 		  heap.o \
+		  html.o \
+ 		  $(LIBOBJS)
+ REGEXOBJS	= GNUregex.o
+ DLMALLOCOBJS	= dlmalloc.o
+@@ -47,6 +48,9 @@
+ CFLAGS		= $(AC_CFLAGS) $(INCLUDE)
 
 all: $(LIBS)
- 
+
 +rfc1035.o: rfc1035.c
 +	$(CC) $(CFLAGS) -O0 -c $<
-+
+ 
 $(UTILOBJS): $(top_srcdir)/include/version.h
 
- libmiscutil.a: $(UTILOBJS)