ports/70707: [Maintainer] www/squid: integrate patch for NTLM authentication issue
Thomas-Martin Seck
tmseck at netcologne.de
Fri Aug 20 13:30:13 UTC 2004
>Number: 70707
>Category: ports
>Synopsis: [Maintainer] www/squid: integrate patch for NTLM authentication issue
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Fri Aug 20 13:30:13 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Thomas-Martin Seck
>Release: FreeBSD 4.10-STABLE i386
>Organization:
a private site in Germany
>Environment:
FreeBSD ports collection as of August 20th, 2004.
>Description:
Integrate a vendor patch for a possible DOS against the NTLM
authentication helpers, see squid bug #1045. Bump PORTREVISION.
(The published patches for the "supplementary group membership not set"
and the "external acl does not handle newlines" do not apply cleanly at
this time. I am currently analyzing the problem.) <precise description
of the problem (multiple lines)>
>How-To-Repeat:
>Fix:
Apply this patch:
Index: distinfo
===================================================================
--- distinfo (.../www/squid) (revision 184)
+++ distinfo (.../local/squid) (revision 184)
@@ -26,3 +26,5 @@
SIZE (squid2.5/squid-2.5.STABLE6-errorpage_quote.patch) = 377
MD5 (squid2.5/squid-2.5.STABLE6-heap_segfault.patch) = c82d9f3972419833b757c0c116c216f8
SIZE (squid2.5/squid-2.5.STABLE6-heap_segfault.patch) = 867
+MD5 (squid2.5/squid-2.5.STABLE6-ntlm_fetch_string.patch) = dbf1826522c14dc64c0c37430bb27b2e
+SIZE (squid2.5/squid-2.5.STABLE6-ntlm_fetch_string.patch) = 1606
Index: Makefile
===================================================================
--- Makefile (.../www/squid) (revision 184)
+++ Makefile (.../local/squid) (revision 184)
@@ -74,7 +74,7 @@
PORTNAME= squid
PORTVERSION= 2.5.6
-PORTREVISION= 6
+PORTREVISION= 7
CATEGORIES= www
MASTER_SITES= \
ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
@@ -99,7 +99,8 @@
squid-2.5.STABLE6-client_db_gc.patch \
squid-2.5.STABLE6-ntlmtruncated.patch \
squid-2.5.STABLE6-errorpage_quote.patch \
- squid-2.5.STABLE6-heap_segfault.patch
+ squid-2.5.STABLE6-heap_segfault.patch \
+ squid-2.5.STABLE6-ntlm_fetch_string.patch
PATCH_DIST_STRIP= -p1
MAINTAINER= tmseck at netcologne.de
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list