openbsd-ports

History

brad 15f788cbd1 add 3 distribution patches; squid-2.2.stable5-newlines_in_auth.patch After decoding the base64 encoded "user:password" pair given by the client, squid doesn't strip out any '\n' found in the resulting string. Given such a string, any external authenticator will receive two lines instead of one, and most probably send two results. Now, any subsequent authentification exchange will have its answer shifted by one. Therefore, a malicious user can gain access to sites they should not have access to. squid-2.2.stable5-ipcache_negative.patch The IP cache immediately removes entries that should be negatively cached. This appears to be due to some changes made for retrying failed connections. squid-2.2.stable5-no_cache.patch A missing no_cache list is treated the same as no_cache deny all.	1999-12-09 19:48:17 +00:00
..
md5	add 3 distribution patches;	1999-12-09 19:48:17 +00:00

brad 15f788cbd1 add 3 distribution patches;

squid-2.2.stable5-newlines_in_auth.patch
After decoding the base64 encoded "user:password" pair given by the
client, squid doesn't strip out any '\n' found in the resulting
string. Given such a string, any external authenticator will receive two
lines instead of one, and most probably send two results. Now, any
subsequent authentification exchange will have its answer shifted by
one. Therefore, a malicious user can gain access to sites they should not
have access to.

squid-2.2.stable5-ipcache_negative.patch
The IP cache immediately removes entries that should be negatively
cached. This appears to be due to some changes made for retrying failed
connections.

squid-2.2.stable5-no_cache.patch
A missing no_cache list is treated the same as no_cache deny all.

1999-12-09 19:48:17 +00:00

md5

add 3 distribution patches;

1999-12-09 19:48:17 +00:00