Sun Feb 14 13:27:52 2010 UTC
Add a security patch described in security advisory SQUID-2010_2.txt,
http://www.squid-cache.org/Advisories/SQUID-2010_2.txt

Patch has the same content as the official one.

http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch.


(taca)
diff -r1.11 -r1.12 pkgsrc/www/squid27/Makefile
diff -r1.7 -r1.8 pkgsrc/www/squid27/distinfo
diff -r0 -r1.1 pkgsrc/www/squid27/patches/patch-ao

cvs diff -r1.11 -r1.12 pkgsrc/www/squid27/Attic/Makefile

--- pkgsrc/www/squid27/Attic/Makefile 2010/02/02 14:43:57 1.11
+++ pkgsrc/www/squid27/Attic/Makefile 2010/02/14 13:27:52 1.12
@@ -1,18 +1,18 @@ @@ -1,18 +1,18 @@
1# $NetBSD: Makefile,v 1.11 2010/02/02 14:43:57 taca Exp $ 1# $NetBSD: Makefile,v 1.12 2010/02/14 13:27:52 taca Exp $
2 2
3DISTNAME= squid-2.7.STABLE7 3DISTNAME= squid-2.7.STABLE7
4PKGNAME= ${DISTNAME:S/STABLE//} 4PKGNAME= ${DISTNAME:S/STABLE//}
5PKGREVISION= 2 5PKGREVISION= 3
6CATEGORIES= www 6CATEGORIES= www
7MASTER_SITES= ${SQUID_MASTER_SITES} \ 7MASTER_SITES= ${SQUID_MASTER_SITES} \
8 http://www.squid-cache.org/Versions/v2/2.7/ 8 http://www.squid-cache.org/Versions/v2/2.7/
9EXTRACT_SUFX= .tar.bz2 9EXTRACT_SUFX= .tar.bz2
10 10
11MAINTAINER= taca@NetBSD.org 11MAINTAINER= taca@NetBSD.org
12HOMEPAGE= http://www.squid-cache.org/ 12HOMEPAGE= http://www.squid-cache.org/
13COMMENT= Post-Harvest_cached WWW proxy cache and accelerator 13COMMENT= Post-Harvest_cached WWW proxy cache and accelerator
14LICENSE= gnu-gpl-v2 14LICENSE= gnu-gpl-v2
15 15
16USE_TOOLS+= perl 16USE_TOOLS+= perl
17GNU_CONFIGURE= yes 17GNU_CONFIGURE= yes
18PKG_DESTDIR_SUPPORT= destdir 18PKG_DESTDIR_SUPPORT= destdir

cvs diff -r1.7 -r1.8 pkgsrc/www/squid27/Attic/distinfo

--- pkgsrc/www/squid27/Attic/distinfo 2010/02/02 14:43:57 1.7
+++ pkgsrc/www/squid27/Attic/distinfo 2010/02/14 13:27:52 1.8
@@ -1,18 +1,19 @@ @@ -1,18 +1,19 @@
1$NetBSD: distinfo,v 1.7 2010/02/02 14:43:57 taca Exp $ 1$NetBSD: distinfo,v 1.8 2010/02/14 13:27:52 taca Exp $
2 2
3SHA1 (squid-2.7.STABLE7.tar.bz2) = 0729116f309093e4f141e000136cdec39290628a 3SHA1 (squid-2.7.STABLE7.tar.bz2) = 0729116f309093e4f141e000136cdec39290628a
4RMD160 (squid-2.7.STABLE7.tar.bz2) = a13df321fb0831de963c77f6e33e3f374634d353 4RMD160 (squid-2.7.STABLE7.tar.bz2) = a13df321fb0831de963c77f6e33e3f374634d353
5Size (squid-2.7.STABLE7.tar.bz2) = 1341869 bytes 5Size (squid-2.7.STABLE7.tar.bz2) = 1341869 bytes
6SHA1 (patch-aa) = e6b112b463b1bc996490c99b91945361f0c2506a 6SHA1 (patch-aa) = e6b112b463b1bc996490c99b91945361f0c2506a
7SHA1 (patch-ab) = 0d8e73eab50a54bd9c8662ee418c0640f30fdeea 7SHA1 (patch-ab) = 0d8e73eab50a54bd9c8662ee418c0640f30fdeea
8SHA1 (patch-ac) = 175bc741bb2adc6b5f3452c6a8d25e594e7c3acd 8SHA1 (patch-ac) = 175bc741bb2adc6b5f3452c6a8d25e594e7c3acd
9SHA1 (patch-ad) = 24e7303aa3160a3e675da333737eade458c5c197 9SHA1 (patch-ad) = 24e7303aa3160a3e675da333737eade458c5c197
10SHA1 (patch-ae) = a78e762c1ad928eef66b12395d48bc69542e32d9 10SHA1 (patch-ae) = a78e762c1ad928eef66b12395d48bc69542e32d9
11SHA1 (patch-af) = d8bfc5e92988ffa37d39c799e62176974fb9c27a 11SHA1 (patch-af) = d8bfc5e92988ffa37d39c799e62176974fb9c27a
12SHA1 (patch-ag) = b375ecb8eefb4059642450fd25a0ec8e0d74efd7 12SHA1 (patch-ag) = b375ecb8eefb4059642450fd25a0ec8e0d74efd7
13SHA1 (patch-ah) = c1c22c57e5e63d0d0756202224d156e47413a4d8 13SHA1 (patch-ah) = c1c22c57e5e63d0d0756202224d156e47413a4d8
14SHA1 (patch-ai) = a227e6fc622f1bda3fa49406b4d588c1f1f78430 14SHA1 (patch-ai) = a227e6fc622f1bda3fa49406b4d588c1f1f78430
15SHA1 (patch-aj) = c5c7cd10a63a5066eee63988775f71758ed5463e 15SHA1 (patch-aj) = c5c7cd10a63a5066eee63988775f71758ed5463e
16SHA1 (patch-ak) = 6863cac0fe9100f4b8c3c05cb321324a4abf0a4c 16SHA1 (patch-ak) = 6863cac0fe9100f4b8c3c05cb321324a4abf0a4c
17SHA1 (patch-al) = a9e957a90dc6956e59668c297dd8566642baecff 17SHA1 (patch-al) = a9e957a90dc6956e59668c297dd8566642baecff
18SHA1 (patch-an) = 9170bdd57f5428e7b64b4db2e1ffdee3c032643e 18SHA1 (patch-an) = 9170bdd57f5428e7b64b4db2e1ffdee3c032643e
 19SHA1 (patch-ao) = 5df91c372baf8d81fcb47a5e847c7ed77bed8d7a

File Added: pkgsrc/www/squid27/patches/Attic/patch-ao
$NetBSD: patch-ao,v 1.1 2010/02/14 13:27:52 taca Exp $

This is fix for security problem:

http://www.squid-cache.org/Advisories/SQUID-2010_2.txt

Since the announced patch contains RCS style revision string, it never
applied to clearly.

http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch.

--- src/htcp.c.orig	2008-05-04 23:23:13.000000000 +0000
+++ src/htcp.c
@@ -950,6 +950,11 @@ htcpHandleClr(htcpDataHeader * hdr, char
 	debug(31, 3) ("htcpHandleClr: htcpUnpackSpecifier failed\n");
 	return;
     }
+    if (!s->request) {
+	debug(31, 2) ("htcpHandleTstRequest: failed to parse request\n");
+	htcpFreeSpecifier(s);
+	return;
+    }
     if (!htcpAccessCheck(Config.accessList.htcp_clr, s, from)) {
 	debug(31, 2) ("htcpHandleClr: Access denied\n");
 	htcpFreeSpecifier(s);
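
Review bot: the debug string in the added block names the wrong function. The hunk sits in htcpHandleClr (per the @@ header and the neighbouring "htcpHandleClr:" debug calls), but the new line logs "htcpHandleTstRequest: failed to parse request". Keeping the text identical to the upstream changeset is defensible for a security fix, but anyone tracing a rejected HTCP CLR packet through section 31 debug output will be pointed at the wrong handler, so the prefix should be corrected to "htcpHandleClr:" (ideally upstream, then synced here). The placement of the check is right: it rejects a specifier with a NULL s->request before s is handed to htcpAccessCheck(), and it calls htcpFreeSpecifier(s) on the early return in the same way as the access-denied path that follows.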