---
- branch: MAIN
  date: Mon Nov 28 15:26:26 UTC 2011
  files:
  - new: '1.16'
    old: '1.15'
    path: pkgsrc/www/squid27/Makefile
    pathrev: pkgsrc/www/squid27/Makefile@1.16
    type: modified
  - new: '1.10'
    old: '1.9'
    path: pkgsrc/www/squid27/distinfo
    pathrev: pkgsrc/www/squid27/distinfo@1.10
    type: modified
  - new: '1.3'
    old: '0'
    path: pkgsrc/www/squid27/patches/patch-am
    pathrev: pkgsrc/www/squid27/patches/patch-am@1.3
    type: added
  - new: '1.35'
    old: '1.34'
    path: pkgsrc/www/squid31/Makefile
    pathrev: pkgsrc/www/squid31/Makefile@1.35
    type: modified
  - new: '1.32'
    old: '1.31'
    path: pkgsrc/www/squid31/distinfo
    pathrev: pkgsrc/www/squid31/distinfo@1.32
    type: modified
  - new: '1.4'
    old: '0'
    path: pkgsrc/www/squid31/patches/patch-am
    pathrev: pkgsrc/www/squid31/patches/patch-am@1.4
    type: added
  id: 20111128T152626Z.082d5f3778465545d64cf7a74fc9e2d85422ea56
  log: |
    Don't allow '/' characters to be passed to pam_start() by the
    PAM helper program. OpenPAM didn't check this, so it could be
    tricked into reading arbitrary config files, allowing privilege
    escalation.
    Standard squid installations don't install the PAM helper SUID, but
    depending on local needs, an administrator might choose to do so.
    approved by pkg maintainer
    bump PKGREV
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www'
  unixtime: '1322493986'
  user: drochner