Commit Graph

119 Commits

Author SHA1 Message Date
brad
dcee93fbfd fix the MESSAGE file, s/2.5/2.6/ 2006-10-03 18:32:44 +00:00
brad
78924f0824 upgrade to 2.6.STABLE4
Squid 2.6 supports kqueue and hw accelerated SSL via OpenSSL,
as well as many other improvements.
2006-10-03 05:00:49 +00:00
bernd
b8bedd34ec Back out change with no review.
ok espie@, pvalchev@
2006-06-19 11:49:07 +00:00
brad
27ff4e08fa upgrade to 2.5.STABLE14 2006-06-17 03:15:55 +00:00
brad
a20588de08 upgrade to 2.5.STABLE13 2006-04-13 23:46:56 +00:00
brad
7e96195d7d Have Squid open /dev/pf in read-only mode.
From: Andrey Matveev <evol at online dot ptt dot ru>
2006-01-06 01:40:27 +00:00
naddy
bfd5225608 Always explicitly set the AUTOCONF_VERSION to use. In some cases
the default was not appropriate.
2005-11-03 18:28:55 +00:00
brad
c813d99c13 upgrade to 2.5.STABLE12
- [Major] Error introduced in 2.5.STABLE11 causing truncated responses
  when using delay pools (Bug #1405)
2005-10-29 23:26:38 +00:00
brad
f01c664640 upgrade to 2.5.STABLE11
Alex Masterov has reported a vulnerability in Squid,
which potentially can be exploited by malicious people
to cause a DoS.

The vulnerability is caused due to an unspecified error
in the "sslConnectTimeout()" function after handling
malformed requests. This may be exploited to crash Squid.

CAN-2005-2796
2005-09-25 17:03:32 +00:00
brad
5359105907 upgrade to 2.5.STABLE10
- Malicious users may spoof DNS lookups if the DNS client UDP port (random,
  assigned by OS at startup) is unfiltered and your network is not protected
  from IP spoofing.
- CVE-1999-0710, adds access controls to the cachemgr.cgi script, preventing
  it from being abused to reach other servers than allowed in a local
  configuration file.
2005-05-25 02:27:13 +00:00
brad
abdb1f835e upgrade to Squid 2.5.STABLE9 2005-02-25 16:37:25 +00:00
brad
8e2e7b5074 upgrade to Squid 2.5.STABLE8 + patches
Fixes 2 major issues over STABLE7 + the previous round of patches..

- Data corruption when HTTP reply headers is split in several packets
- Assertion failure on certain odd DNS responses
2005-02-17 03:32:24 +00:00
brad
c5a2906562 add missing ERR_INVALID_RESP to PLIST 2005-02-11 02:47:55 +00:00
brad
a754b815eb fix for ldap_search 2005-02-05 21:36:30 +00:00
brad
29a54c815a SECURITY:
add most of the latest distribution patches which include 4 security
fixes.

-Correct handling of oversized reply headers
-Buffer overflow in WCCP recvfrom() call
-Strengthen Squid from HTTP response splitting cache pollution attack
-Reject malformed HTTP requests and responses that conflict with the HTTP specifications
2005-02-04 04:27:38 +00:00
brad
6c1b677ada Fix 2 security issues...
A bug exists in the code that parses responses from Gopher servers.
The bug results in a buffer overflow if a Gopher server returns a
line longer than 4096 bytes.  The overflow results in memory
corruption and usually crashes Squid.

CAN-2005-0094

A bug exists in the code that parses WCCP messages.  An attacker
that sends a malformed WCCP messages, with a spoofed source address
matching Squid's "home router" can crash Squid.

CAN-2005-0095
2005-01-26 05:08:11 +00:00
naddy
ae76d3ea1f SIZE 2005-01-05 17:21:50 +00:00
alek
61a5f078cf - Kill DEINSTALL
- Replace INSTALL with @samples, @execs, etc.
- Add WANTLIB marker
- Bump PKGNAME
2004-12-07 19:33:33 +00:00
brad
91bd55630f use @newgroup / @newuser 2004-10-31 07:20:29 +00:00
brad
7d4db47663 better 2004-10-31 06:54:37 +00:00
brad
3935b2a8bb upgrade to Squid 2.5.STABLE7
A parsing error exists in the SNMP module of Squid where a
specially-crafted UDP packet can potentially cause the server to
restart, closing all current connections.
2004-10-20 21:44:20 +00:00
espie
e44839e34b new plists.
comment out netscape-dynmotif, since we don't have the required motif lib.
2004-09-15 18:49:48 +00:00
naddy
6b9c0f500b fix up MODGNU_CONFIG_GUESS_DIRS 2004-08-04 16:12:14 +00:00
brad
4532560e76 sync 2004-07-11 17:05:03 +00:00
brad
333f7e2260 upgrade to Squid 2.5.STABLE6 2004-07-11 17:00:47 +00:00
brad
d84edf1a11 remove messages about user/group change. 2004-06-24 03:16:55 +00:00
brad
86d502ddb4 - add 2 more distribution patches
- add snmp FLAVOR from Joel CARNAT <joel at carnat dot net>
- add some auth types and auth/acl helpers
- add NTLM auth SMB patch even though the default port does NOT compile this support in
2004-06-11 08:00:35 +00:00
brad
8134d5f3d6 one of the distrib patches was updated 2004-06-07 04:15:22 +00:00
brad
be1ae753c5 more distribution patches 2004-06-02 21:39:59 +00:00
brad
5c7d163fec Add 2 more distribution patches. One of them fixes an issue if using
Digest authentication. Users can crash Squid with a segmentation fault
simply by entering a blank user name.
2004-04-21 11:11:19 +00:00
brad
773296fdb7 sync 2004-04-16 00:39:03 +00:00
xsa
defa276606 catch @extra escapers ... 2004-04-15 08:58:32 +00:00
xsa
575015faec @extraaaaaaaaaaaaaaaaa ...
ok dhartmei@ jolan@ brad@ for their respective port;
2004-04-15 07:34:11 +00:00
brad
145a5e937b - add some distribution patches. From: Robert Nagy <thuglife at bsd dot hu>
- only apply optimization workaround for gcc if using 2.95
2004-04-13 00:40:47 +00:00
miod
f845f0f369 Tell squid that m88k does not imply SysV; maintainer ok 2004-04-06 05:35:59 +00:00
brad
b765b0c3ec upgrade to Squid 2.5.STABLE5 2004-03-03 01:20:42 +00:00
naddy
f16b99d84d The sparc64 compiler is gcc3 now; don't require the gcc3 module. 2004-02-25 02:35:15 +00:00
brad
b1f0d46719 add 29 of the latest distribution patches. 2004-02-16 10:21:20 +00:00
naddy
112339c1d4 remove WWW lines 2003-12-15 21:54:59 +00:00
brad
4e2e7789ec upgrade to Squid 2.5.STABLE4 2003-10-17 18:03:54 +00:00
brad
bdba8d4dc9 apply another distribution patch, the squid-2.5.STABLE3-mem_cfd.patch patch
broke the forwarded_for directive.
2003-08-22 21:12:18 +00:00
brad
d8d89da2a5 add some more distribution patches.
--
Thanks to mpech@ for some testing
2003-08-18 17:13:40 +00:00
brad
649f804830 optimization issues with gcc 2.95, use gcc 3 on sparc64.
--
From: Matthieu Herrb <matthieu dot herrb at laas dot fr>
2003-07-26 06:05:52 +00:00
brad
459cc69576 apply a number of distribution patches. 2003-07-23 01:47:20 +00:00
brad
f77c38db29 switch to new schema for user/group.
--
From: sturm@
Thanks to mpech@ for testing and pointing out the user/group
I almost missed in MESSAGE.
2003-07-08 20:43:20 +00:00
brad
b2f602749a upgrade to Squid 2.5.STABLE3
throw in the SSL gatewaying support, this is not enabled by default.
2003-07-07 17:44:43 +00:00
brad
5cd00e6c5d upgrade to Squid 2.5.STABLE2 2003-05-13 20:12:02 +00:00
brad
b0766fdf67 upgrade to Squid 2.5.STABLE1 2002-10-04 13:52:48 +00:00
brad
0ab206aa68 upgrade to Squid 2.5.PRE13 2002-09-20 01:27:10 +00:00
brad
d4b58e4aa8 upgrade to Squid 2.5.PRE11 2002-08-23 14:10:20 +00:00