15f788cbd1
squid-2.2.stable5-newlines_in_auth.patch After decoding the base64 encoded "user:password" pair given by the client, squid doesn't strip out any '\n' found in the resulting string. Given such a string, any external authenticator will receive two lines instead of one, and most probably send two results. Now, any subsequent authentification exchange will have its answer shifted by one. Therefore, a malicious user can gain access to sites they should not have access to. squid-2.2.stable5-ipcache_negative.patch The IP cache immediately removes entries that should be negatively cached. This appears to be due to some changes made for retrying failed connections. squid-2.2.stable5-no_cache.patch A missing no_cache list is treated the same as no_cache deny all. |
||
|---|---|---|
| .. | ||
| files | ||
| patches | ||
| pkg | ||
| Makefile | ||