| Commit History - (may be incomplete: see CVSWeb link above for full details) |
| Date | By | Description |
01 Feb 2010 20:25:58
  2.7.7_3
|
delphij  |
Security patch for Squid advisory 2010:1, denial of service.
Submitted by: maintainer (Thomas-Martin Seck <tmseck web de>) |
24 Dec 2009 02:58:32
2.7.7_2
 |
wen |
- Implement OPTIONS vor SQUID_KERBEROS_AUTH and SQUID_NIS_AUTH
- Add a CONFLICT with www/lusca-head
- Make the Squid configuration directory world readable in new
installations to ease use of cachemgr.cgi
- Implement squid_conf in the rc script and document user settable
variables
PR: ports/141930
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
21 Nov 2009 15:19:57
2.7.7_1
|
miwi |
- Add squid_fib option for alternate routing tables
PR: 140146
Submitted by: Alson van der Meulen <alson+bugs@waalsdorp.nl> (based on)
Approved by: maintainer |
18 Sep 2009 23:41:44
2.7.7
|
miwi |
- Update to 2.7-STABLE7
PR: 138941
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer)
Feature safe: yes |
28 Jun 2009 17:20:42
2.7.6_1
|
miwi |
- Update MASTER_SITE_SUBDIR
PR: 136122
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
31 Mar 2009 23:20:42
2.7.6_1
|
miwi |
- The squid_kerb_auth helper needs to know about the endianness of the system
at compile time. Its author suggests to use -D__LITTLE_ENDIAN__ in the
program's Makefile and this is the solution proposed in ports/131878. Since
FreeBSD (and FreeBSD ports) might be used on big-endian architectures as
well as on little endian architectures I decided to instrument an already
present endianness check directly in the affected source file instead.
- Bump PORTREVISION since this affects the content (and functionality) of
the port's binary package.
Pr: 133159
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
09 Feb 2009 14:32:12
2.7.6
|
miwi |
- Update 2.7.STABLE6
PR: 131431
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer)
Security:
http://www.vuxml.org/freebsd/9c2460a4-f6b1-11dd-94d9-0030843d3802.html |
06 Jan 2009 16:53:07
2.7.5
|
wxs |
- Remove conditional checks for FreeBSD 5.x and older
Approved by: pav |
24 Oct 2008 13:36:23
2.7.5
|
miwi |
- Update to 2.7.STABLE5
PR: 128253
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
10 Aug 2008 22:57:28
2.7.4
|
miwi |
- Update to 2.7.STABLE4
PR: 126413
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
14 Jul 2008 20:10:08
2.7.3
|
beech |
- Update to 2.7.STABLE3
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
03 Jul 2008 23:27:12
2.6.21
|
beech |
- Update to 2.6.STABLE21
PR: ports/125099
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
23 Jun 2008 11:51:51
2.6.20_3
|
miwi |
Refactoring and fixes regarding the squid_kerb_auth helper:
- Move the content of
files/patch-helpers-negotiate_auth_squid_kerb_auth-Makefile.in and
-squid_kerb_auth.c to files/fix-kerberos.patch.
- Implement additional configure check for the presence of
gssapi/gssapi.h and gssapi.h and prefer the former over the latter in
squid_kerb_auth.c. This is done to prevent a compiler warning on
FreeBSD 7 and higher where gssapi.h is only present for compatibility
reasons.
- Actually enable the "negotiate" authentication method in Squid
(thanks to John Marshall for pointing this out to the maintainer).
Bump PORTREVISION for this change.
Removed files:
files/patch-helpers-negotiate_auth-squid_kerb_auth-Makefile.in
files/patch-helpers-negotiate_auth-squid_kerb_auth-squid_kerb_auth.c
PR: 124872
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
22 May 2008 01:08:58
2.6.20_2
|
miwi |
- Fix build after Heimdal update on HEAD
PR: 123782
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
16 May 2008 13:27:17
2.6.20_1
|
miwi |
- Fix a mistake I (the maintainer) had introduced regarding the
installation of the cachemgr.conf.default file: instead of explicitly
installing it I thought it would be enough to change an automake
variable that served an entirely different purpose, namely
hardcoding the path to the configuration in the cachemgr.cgi
binary.
- While at it: remove a no longer needed .sh reference from
files/pkg-message.in.
- Set PORTREVISION to 1 because the hardcoded name of the default
configuration file has changed within cachemgr.cgi.
PR: 123573
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
08 May 2008 13:07:41
2.6.20
|
miwi |
- Update to 2.6STABLE20
PR: 123432
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
05 Apr 2008 01:46:56
2.6.19
|
beech |
- Update to 2.6.STABLE19
- Add a patch for Squid bug #2203 (Fixed in the 3.0 but not yet in the 2.6
series)
- Update maintainer mail address
PR: ports/122383
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
12 Jan 2008 13:11:04
2.6.18
|
miwi |
- Update to 2.6.STABLE18
PR: 119563
Submitted by: Thomas-Martin Seck <tmseck@web.de> (maintainer) |
11 Dec 2007 19:24:36
2.6.17
|
delphij |
Update to 2.6.STABLE17
PR: ports/118430
Submitted by: maintainer |
04 Dec 2007 19:48:35
2.6.16_1
|
delphij |
Apply vendor patch 11780 for SQUID-2007_2.
Security: Denial of Service from trusted client
Security: VuXML 6eb580d7-a29c-11dc-8919-001c2514716c
Approved by: portmgr (erwin) |
04 Oct 2007 01:08:39
2.6.16
|
edwin |
Remove support for OSVERSION < 5 |
20 Sep 2007 20:24:00
2.6.16
|
miwi |
- Remove unneccessary USE_GCC line
Submitted by: Derkjan de Haan <haanjdj@gmail.com>
Approved by: maintainer via private mail |
20 Sep 2007 01:26:28
2.6.16
|
miwi |
- Update to 2.6.STABLE16
PR: 116165
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
05 Sep 2007 16:27:58
2.6.15
|
sem |
- Update to 2.6STABLE15 + 5 vendors patches.
See http://www.squid-cache.org/Versions/v2/2.6/changesets/
PR: ports/116093
Submitted by: maintainer |
16 Aug 2007 23:11:13
2.6.14
|
sat |
- Honor NOPORTEXAMPLES
Approved by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
14 Aug 2007 03:32:12
2.6.14
|
delphij |
- Update to 2.6.STABLE14 plus three patches (see
http://www.squid-cache.org/Versions/v2/2.6/changesets/ for details)
- Add two new authentication helpers: DB and squid_kerb_auth
- Add the website mirrors to the list of download sites as a last resort
in case the distfiles do not make it to the FTP mirrors in time
- Update the mirror server list a bit after checking with the official list
at http://www.squid-cache.org/Download/mirrors.dyn
- Stop handling the "WITH_DEBUG" case: bsd.port.mk handles this just fine
- Add a new rc configuration variable "squid_pidfile" that defaults to
$PREFIX/squid/logs/squid.pid, use this variable for $pidfile in
the rc script and document it in the Squid default/example configuration
- Update the ICAP-2.6-bootstrap patch to reflect changes in the Squid
sources
Submitted by: maintainer
PR: ports/115453 (in followup) |
25 May 2007 02:52:13
2.6.13
|
delphij |
- update to 2.6.STABLE13
- replace sunsite.auc.dk which is no longer serving Squid distfiles
(cf fenner's distfile survey) and replace it with ftp.belnet.be.
The Squid mirror list seems to have vanished (temporarily) during
their website redesign spree but it used to be listed there as
an official Belgian mirror.
- remove files/extra-patch-changeset_11375 which was added in
2.6.12_1, the fix is present in 2.6.STABLE13.
- simplify the SQUID_KQUEUE parsing; Squid-2 will automatically enable
kqueue(2) support and the new OPTIONS parser does no longer require
.ifndef WITHOUT_* constructs
- remove IGNORE for the combination of SQUID_SSL and SQUID_ICAP
- (try to) adapt the ICAP-core patch to the changes in the Squid code base
- add a +ICAP identifier to the internal Squid version string to help the
Squid developers in identifying patched up Squid versions (some
reported bugs were not really Squid but rather ICAP bugs it seems)
Submitted by: Thomas-Martin Seck (maintainer)
PR: ports/112751 |
26 Apr 2007 09:11:29
2.6.12_1
|
miwi |
Add a patch for Squid bug #1814, see
<http://www.squid-cache.org/bugs/show_bug.cgi?id=1814>.
The patchset is a slightly modified version of the Squid patchset 11375.
Notes:
Since this patch conflicts with the ICAP patchset and only affects
non-default configurations that have been compiled using the
WITH_SQUID_SSL configuration option, apply the patch only when this
option is enabled. Set IGNORE when both WITH_SQUID_SSL and
WITH_SQUID_ICAP are defined.
PR: 112054
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
21 Mar 2007 13:13:07
2.6.12
|
miwi |
- Update to 2.6.STABLE.12
PR: 110610
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
Security:
http://www.vuxml.org/freebsd/c27bc173-d7aa-11db-b141-0016179b2dd5.html |
18 Mar 2007 11:49:07
2.6.11
|
miwi |
- Update to 2.6.STABLE11.
- Update the ICAP client patchset to not remove a specific function call;
this should fix timeout issues reported on the squid-dev list
PR: 110471
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
07 Mar 2007 22:47:15
2.6.10
|
miwi |
- Update to 2.6 stable10
PR: 110046
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
07 Feb 2007 08:42:31
2.6.9
|
pav |
Rename
www/squid -> www/squid25
www/squid26 -> www/squid
thus effectively updating www/squid to 2.6.STABLE9
PR: ports/108562
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
Repocopies by: marcus |
22 Jan 2007 08:49:51
2.5.14_4
|
miwi |
- Add a patch for Squid bug #1857 (segfault on certain FTP URLs).
- Bump Portrevision
PR: ports/107961
Submitted by: Thomas-Martin Sec <tmseck@netcologne.de> |
17 Nov 2006 12:51:29
2.5.14_3
|
jmelo |
- Fix mastersites.
PR: ports/105418
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
14 Nov 2006 20:36:01
2.5.14_3
|
stas |
- Fix typo in LDFLAGS (s,-I,-L,)
Approved by: maintainer via private email |
04 Nov 2006 23:03:40
2.5.14_3
|
miwi |
- update pkg-descr and remove some cruft
- consistently use "Squid" when referring to the software's name
- define COMMENT a bit less chatty
- replace the progeny.com mirror with the one hosted by Vistech
- fix a wrong path in pkg-message.in (thanks to "Tuc at the Beach House")
- pass ${squid_flags} when stopping or reconfiguring Squid (ports/100510)
PR: ports/105023
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
Sponsored by: FreeBSD Bug-a-thon #2 |
11 Jul 2006 10:26:23
2.5.14_2
|
itetcu |
- integrate a vendor patch from
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>
to correct a problem with logging that could occur in certain cases
(Squid bug #1605)
- add some of the WWW mirrors found on
<http://www.squid-cache.org/Mirrors/http-mirrors.html> as additional
PATCH_SITES
(thanks to Robert Backhaus for the initial submission)
- make the rc.d script print "Stopping squid." in the hand rolled stop command
when shutting down, just like default rc.subr stop routine would do
PR: ports/100056
Submitted by: maintainer |
05 Jun 2006 23:00:46
2.5.14_1
|
jmelo |
- Update the list of MASTER_SITES.
- Update the icap-core patchset to CVS as of 2006-05-25.
PR: ports/98279
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
Approved by: mnag (mentor) |
04 Jun 2006 20:55:31
2.5.14_1
|
sem |
- Integrate a vendor patch published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/> to fix an "assertion
failed: HttpReply.c:105: rep" error (squid bug #1606).
- Update the customlog patchset accordingly.
- Bump PORTREVISION.
PR: ports/97066
Submitted by: maintainer |
22 May 2006 17:11:43
2.5.14
|
garga |
- Update to 2.5.STABLE14
- accept 7-CURRENT's WITHOUT_NIS switch as a synonym for NO_NIS
- add a missing "/" in files/pkg-message.in
- update the ICAP core patchset to the latest CVS (2006-05-21)
- update the custom logfile patchset to the latest CVS (2006-05-21)
PR: ports/97607
Submitted by: maintainer |
16 May 2006 22:33:59
2.5.13_1
|
ehaupt |
- Introduce four vendor patches [1] which:
- simplify definition of the SQUIDHOSTNAMELEN constant (squid bug #1434)
- correct display of mime icons when visible_hostname contains only the plain
hostname without a domain (squid bug #1532)
- plug a memory leak in the HTCP client code (squid bug #1553)
- plug a memory leak in the ident processing code (squid bug #1557)
- Bump PORTREVISION
[1] http://www.squid-cache.org/Versions/v2/2.5/bugs/
PR: 97356
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
19 Mar 2006 00:20:09
2.5.13
|
pav |
- Fix WITH_SQUID_CUSTOM_LOG patch to work with 2.5.13
PR: ports/94665
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
18 Mar 2006 17:11:14
2.5.13
|
pav |
- Update to 2.5.STABLE13
- Implement a new option WITH_SQUID_SASL_AUTH, off by default
- Update the ICAP core patchset to the latest CVS
- Extensive portlintification and cleanups
PR: ports/94642
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
04 Feb 2006 11:45:40
2.5.12_4
|
sem |
Implemented custom log format patch, providing similar functionality
to that of Apache LogFormat and CustomLog configuration directives.
This also allows for output in multiple formats to different log files.
See http://devel.squid-cache.org/customlog/ for more information.
PR: ports/92522
Submitted by: Matthew Will <mwill@spingen.com>
Approved by: maintainer |
15 Jan 2006 15:44:36
2.5.12_4
|
sem |
Integrate two vendor patches being published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
- Fix wbinfo_group.pl to correctly work with the wbinfo command
from samba-3.0.21 (squid bug #1472)
- Fix a crash when accessing async IO function counters via the
cachemgr CGI in cases where squid was compiled for aufs support
but not actually using it (squid bug #1464)
While at it, remove an unneeded patch from the ICAP core patchset.
PR: ports/91831
Submitted by: maintainer |
09 Jan 2006 13:37:54
2.5.12_3
|
jylefort |
Rename the rc script back to squid.sh, since some versions of
/etc/rc.d/localpkg only run scripts ending in .sh
PR: ports/91387
Submitted by: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>, maintainer |
25 Dec 2005 23:38:48
2.5.12_2
|
edwin |
[Maintainer] www/squid: rc(8) related fixups
- Fix rc(8) preamble in the squid run script
- Use the .sh suffix only for the old style script
- Do not refer to "rcNG" in pkg-install anymore, rcNG is the default
rc style by now
- Bump PORTREVISION (to mark this change and because the package content
changes)
PR: ports/90858
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> |
20 Dec 2005 16:01:15
2.5.12_1
|
garga |
- Integrate vendor patch to fix a problem with the SMB helper when
--enable-ntlm-fail-open was specified as an additional configuration
option (squid bug #1022).
The port does not enable this option by default; document it, while at it.
- Add SHA256 checksum for the squid tarball
- Integrate ICAP client support based upon the icap project's CVS repository,
turned off by default.
To activate it, build the port with WITH_SQUID_ICAP defined or rerun
'make config'.
- Bump PORTREVISION
PR: ports/90688
Submitted by: maintainer |
01 Nov 2005 14:05:59
2.5.12
|
krion |
Update to 2.5.STABLE12
PR: ports/88327
Submitted by: maintainer |
19 Oct 2005 13:21:11
2.5.11_3
|
garga |
Integrate the following vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
- document that tcp_outgoing_xxx works badly in combination with
server_persistent_connections (squid bug #454)
- add more tracing in test mode of squid_ldap_auth (squid bug #1395)
- fix breakage of accel_single_host when combined with
server_persistent_connection (squid bug #1402)
- correctly implement the CACHE_HTTP_PORT configuration directive
(squid bug #1403)
- fix the problem that CNAME addresses were remembered with a wrong TTL
(squid bug #1404)
- fix incorrect handling of squid-internal-dynamic/netdb in conjunction with
httpd_accel/transparent proxies (squid bug #1410)
- properly revalidate the cache on HEAD requests (squid bug #1411)
- correct handling of Set-Cookie headers on cache refreshes (squid bug #1419)
- fix a vulnerability in the FTP parsing code (squid bug #1426)
PR: ports/87637
Submitted by: maintainer |
06 Oct 2005 19:47:55
2.5.11_2
|
mnag |
Fix smb_auth helper
PR: 86850
Pointed by: Dean M. Phillips <dmphilli@gmail.com>
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
28 Sep 2005 13:55:57
2.5.11_1
|
garga |
Integrate a patch from
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
- fix delay pools behaviour which was broken by the patch for squid bug #500,
introduced in squid-2.5.10_6 (squid bug #1405)
PR: ports/86669
Submitted by: maintainer |
22 Sep 2005 18:28:33
2.5.11
|
garga |
- Update to 2.5-STABLE11
- Adapt the follow-XFF patches to the changes to squid's sources
PR: ports/86472
Submitted by: maintainer |
16 Sep 2005 18:39:02
2.5.10_7
|
pav |
Update the NTLM-scheme patch to version 2. The first version of the patch is
broken (cf <http://www.squid-cache.org/bugs/show_bug.cgi?id=1391>).
PR: ports/86215
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
15 Sep 2005 21:10:59
2.5.10_6
|
pav |
- Integrate the following vendor patches:
- LDAP helpers do not work with TLS (-Z option)
(squid bug #1389)
- Incorrect store dir selection debug message on objects >2G
(squid bug #1343)
- Enums cannot be assumed to be signed ints
(squid bug #1343)
- Allow leaving core dumps on Linux
(squid bug #1335)
- Do not let clients bypass delay pools by faking a cache hit
(squid bug #500)
- Fix problems regarding CONNECT requests when squid is configured with
"pipeline_prefetch on"
- Fix a possible DOS condition which may be triggered by certain NTLM
authentication requests
(squid bug #1391)
- Remove patching relevant to recently removed pf from ports option
PR: ports/86179
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
15 Sep 2005 00:27:00
2.5.10_5
|
pav |
- Remove dependencies on security/pf, it was removed. pf is in base since
502106
Pointy hat to: pav |
04 Sep 2005 08:57:55
2.5.10_5
|
sem |
- Fix somewhat messed up titles in FTP listings (squid bug #1220)
- FTP listings use "BASE HREF" much more than necessary (squid bug #1204)
- Cleanups for 64bit architectures (squid bug #1316)
- Allow wb_ntlm_auth to run more silent (squid bug #518)
- Add a new 'mail_program' configuration option
- Fix a possible denial of service condition regarding sslConnectTimeout
(squid bug #1355, Secunia Advisory SA16674)
- Avoid a possible assertion failure in StatHist.c (squid bug #1325)
- Fix issues regarding chroot'ed installations on 'squid -k reconfigure'
(squid bug #1331)
- Make URLs in error pages more consistent and less confusing (squid bug #1342)
- Fix compilation when _FORTIFY_SOURCE is defined (squid bug #1344)
- Fix handling of unexpected 250 replies from certain odd FTP servers
(squid bug #1348)
- Add Greek error pages (squid bug #1351)
- Fix a possible denial of service condition with regards to aborted requests
(squid bug #1368)
- Fix the -U option of squid_ldap_auth (squid bug #1370)
- Fix the output of the SNMP cacheClientTable for IP adresses that consist of
16 digits (squid bug #1375)
- Make the From: field of mails sent from squid configurable to avoid
mails getting lost due to spam filtering (squid bug #1380)
PR: ports/85688
Submitted by: maintainer |
30 Jun 2005 20:25:10
2.5.10_4
|
flz |
- Update transparent patch.
PR: ports/82838
Submitted by: maintainer |
29 Jun 2005 21:41:27
2.5.10_3
|
jylefort |
Update the chroot vendor patch to version 2, cf
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-chroot
PR: ports/82739
Submitted by: maintainer |
28 Jun 2005 03:38:39
2.5.10_2
|
ahze |
- Integrate the following vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
+ double content-length often harmless (squid bug #1305)
+ update spanish error pages
+ squid internal icons were served with slightly incorrect headers
(squid bug #1275)
+ squid -k fails in combination with chroot (squid bug #1307)
+ core dump with --enable-ipf-transparent if access to NAT device is denied
(squid bug #1313)
+ http_accel_single_host incompatible with redirection (squid bug #1314)
+ squid -k reconfigure caused data corruption when a cache_dir type had been
changed (squid bug #1308)
+ SNMP getnext failed if the given OID was outside the squid MIB (squid bug
#1317)
PR: ports/82703
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
22 May 2005 14:49:22
2.5.10_1
|
jylefort |
- Read cachemgr.conf rather than cachemgr.conf.default
- Add a missing %SUBDIR% in MASTER_SITES
PR: ports/81319
Submitted by: maintainer |
19 May 2005 15:17:01
2.5.10
|
pav |
- Update Squid to 2.5.STABLE10
PR: ports/81213
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
27 Apr 2005 08:31:36
2.5.9_5
|
vs |
- update distinfo for the updated syslog patch
- remove local patch that is now incorporated into the corresponding
vendor patch (with slightly different wording)
PR: ports/80367
Submitted by: maintainer |
21 Apr 2005 09:57:57
2.5.9_5
|
leeym |
- Update distinfo for the 2GB patch, this includes a fix for
squid bugs #1283, 1287 and 1288 (assertion failed in store_client.c:343).
(already committed)
- Bump portrevision as a datapoint for this bugfix.
PR: 80163
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
21 Apr 2005 00:53:28
2.5.9_4
|
leeym |
- according web page, the patch file is rerolled at 2005-04-20 14:59 again
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-2GB
Noticed by: kris |
18 Apr 2005 08:09:02
2.5.9_4
|
leeym |
- the patch is repacked at 2005-04-18 00:57, after maintainer submit PR 80028
- diff is listed below:
--- /tmp/squid-2.5.STABLE9-2GB.patch Mon Apr 4 17:09:16 2005
+++ /usr/ports/distfiles/squid2.5/squid-2.5.STABLE9-2GB.patch Mon Apr 18
08:57:57 2005
@@ -3000,7 +3000,7 @@
}
/* there are some things we cannot do yet */
Index: squid/src/protos.h
-diff -c squid/src/protos.h:1.420.2.28 squid/src/protos.h:1.420.2.32
+diff -c squid/src/protos.h:1.420.2.28 squid/src/protos.h:1.420.2.30
*** squid/src/protos.h:1.420.2.28 Fri Mar 18 17:01:52 2005
--- squid/src/protos.h Sat Mar 26 10:36:01 2005
***************(Only the first 15 lines of the commit message are shown above  ) |
18 Apr 2005 02:05:35
2.5.9_4
|
leeym |
Integrate the following vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
- Correct several minor aufs issues (squid bug #671)
- Basic authentification fails when login+password totalled to more than
64 characters (squid bug #1171)
- Fix an assertion that could occur when traffic other than HTTPS was
tunneled through squid via the CONNECT method (squid bug #1269)
- Make the --disable-hostname-check configuration option actually work
(squid bug #1270)
- Fix aufs warning about open filedescriptors when the cache was shut down
(squid bug #671)
- Allow squid to process requests for files larger than 2GB in size
(squid bug #437)
(Only the first 15 lines of the commit message are shown above ) |
15 Mar 2005 22:50:50
2.5.9_3
|
ahze |
- Chase checksum of the updated pid_t patch
PR: ports/78897
Submitted by: maintainer |
13 Mar 2005 19:32:53
2.5.9_2
|
ahze |
- Integrate the following vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
+ Handle odd data formats (squid bug #321)
+ reload_into_ims fails to revalidate negatively cached entries
(squid bug #1159)
+ Clarify delay_access function (squid bug #1245)
+ Check several squid.conf directives for int overflows (squid bug #1247)
+ Use memset(3) instead of bzero(3) (squid bug #1256)
+ Fix compile warnings due to pid_t not being an int (squid bug #1257)
+ Fix incorrect use of ctype functions (squid bug #1259)
+ Defer digest fetch if the peer is not allowed to be used (squid bug #1262)
+ Extend relaxed_header_parser to work around "excess data from" errors from
many major web servers (squid bug #1265)
- Enable IPFilter based transparent proxying on all FreeBSD versions where
IPFilter headers are part of the base system (i.e. RELENG_4 < 4.7-RELEASE,
RELENG_5 and 6-CURRENT). Create a new OPTION WITH_SQUID_IPFILTER for this
purpose. Thanks to sem@ for keeping track of this issue!
PR: ports/78780
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
08 Mar 2005 23:27:46
2.5.9_1
|
pav |
Integrate the following vendor patches as published on
- correct a race condition related to the Set-Cookie header
- correct the FTP parser with regards to the EPLF format
(squid bug #1252)
- correct FTP listing output when the URL was requested without a trailing
slash (squid bug #1253)
- make ACL configuration errors fatal (squid bug #1255)
PR: ports/78446
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
26 Feb 2005 15:56:49
2.5.9
|
pav |
- Update to 2.5.STABLE9
PR: ports/78079
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
20 Feb 2005 17:45:36
2.5.8_1
|
pav |
* Vendor patches:
- fix some cross-platform build format warnings
- allow high characters in generated FTP and Gopher directory listings
(squid bug #1220)
- cleanup generation of FTP URLs
- relax the newly introduced strict HTTP parser slightly to work around some
more malformed HTTP responses (squid bug #1242)
PR: ports/77779
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
13 Feb 2005 17:21:02
2.5.8
|
sem |
- Update to 2.5-STABLE8
- Integrate a vendor patch from:
http://www.squid-cache.org/Versions/v2/2.5/bugs/
it fixes a major problem regarding the handling of invalid DNS responses
PR: ports/77423
Submitted by: maintainer |
10 Feb 2005 23:15:08
2.5.7_13
|
pav |
- Update header_parsing.patch
PR: ports/77360
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) |
08 Feb 2005 15:11:56
2.5.7_12
|
nectar |
Integrate the following vendor patch as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
- Address HTTP protocol mismatch related to oversized reply headers and
enhance cache.log on reply header parsing failures (squid bug #1216)
- correct the search request generated by the LDAP authentication helper
- fix a race within the NTLM authentication mechanism (squid bug #1127)
- fix handling of failed PUT/POST requests (squid bug #1224)
- fix problems with persistent server connections after failed PUT/POST
requests (squid bug #1122)
- improve handling of forged WCCP packets (squid bug #1225)
PR: ports/76967
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
Security:
http://vuxml.freebsd.org/bfda39de-7467-11d9-9e1e-c296ac722cb3.html |
01 Feb 2005 14:11:22
2.5.7_11
|
sem |
- Fix fetching.
* The response_splitting patch has been updated
to correct a problem with cache digests.
PR: ports/76889
Submitted by: maintainer |
29 Jan 2005 21:49:20
2.5.7_10
|
sem |
- Integrate a vendor patch against a buffer overflow in the WCCP handling,
see
<http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflow>
and <http://www.squid-cache.org/Advisories/SQUID-2005_3.txt>.
PR: ports/76827
Submitted by: maintainer |
29 Jan 2005 10:42:13
2.5.7_9
|
krion |
Sync follow-XFF with the latest vendor patch.
PR: ports/76801
Submitted by: maintainer |
26 Jan 2005 17:56:25
2.5.7_9
|
sem |
- Integrate vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
+ Reject malformed HTTP requests and responses that conflict with the HTTP
specifications
This issue is qualified as a security issue by the vendor.
+ PURGE is allowed to delete internal objects (squid bug #1112)
+ Disable Path-MTU discovery on intercepted requests (squid bug #1154)
(VuXML vid=b4d94fa0-6e38-11d9-9e1e-c296ac722cb3)
- Clean up and correct package list generation. Now installed files
and directories are visible via PLIST_FILES and PLIST_DIRS.
- Don't claim that squid related files or directories are still present
after deinstallation when in fact they are not.
- Add "-g" to CFLAGS when WITH_SQUID_STACKTRACES is defined to make this
option actually useful.
PR: ports/76628
Submitted by: maintainer |
22 Jan 2005 09:31:33
2.5.7_8
|
edwin |
[Maintainer/security] www/squid: protect against HTTP resonse split
attack and other patches
Integrate vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
- FTP data connection fails on some FTP servers when requesting
a directory without a trailing slash (squid bug #1194)
- Icons fail to load on non-anonymous FTP when using the
short_icons_url configuration directive (squid bug #1203)
- Strengthen squid against HTTP response splitting cache pollution
attacks (squid bug #1200), classified as security issue by
the vendor(Only the first 15 lines of the commit message are shown above ) |
19 Jan 2005 10:58:40
2.5.7_7
|
edwin |
[Maintainer/Security] www/squid: integrate vendor patches
Integrate vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
- Sanity check usernames in squid_ldap_auth (squid bug #1187),
classified as minor security issue by the vendor, see below for VuXML
information
- FQDN names truncated on compressed DNS responses (squid bug #1136)
- Internal DNS memory leak on malformed responses (squid bug #1197)
PR: ports/76364
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> |
12 Jan 2005 22:37:29
2.5.7_6
|
simon |
- Integrate vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/> for the following
issues:
+ Prevent a possible denial of service attack via WCCP messages (squid bug
#1190), classified as security issue by the vendor
+ Fix a buffer overflow in the Gopher to HTML conversion routine (squid bug
#1189), classified as security issue by the vendor
+ Fix a null pointer access and plug memory leaks in the fake_auth NTLM
helper (squid bug #1183) (this helper app is not installed by default by
the port)
+ Stop closing open filedescriptors beyond stdin, stdout and stderr on
startup (squid bug #1177)
- Unbreak the port on NO_NIS systems (thanks to "Alexander <freebsd AT
nagilum.de>" for reporting this)
- Document the two security issues in VuXML.
PR: ports/76173
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
Approved by: erwin (mentor) |
29 Dec 2004 08:59:49
2.5.7_5
|
krion |
Patch was rerolled because of some bug fixes.
Approved by: maintainer |
23 Dec 2004 12:15:30
2.5.7_5
|
krion |
Handle empty ACL definitions properly.
PR: ports/75403
Submitted by: maintainer |
08 Dec 2004 23:16:53
2.5.7_4
|
sem |
Integrate the following vendor patches as published on
http://www.squid-cache.org/Versions/v2/2.5/bugs/:
- a malformed hostname can cause squid to return random data as error messages,
possibly leaking internal information from former requests (squid bug #1143).
(This is classified as a minor security issue by the squid developers, so
maintainer cc'ed security-team@. See VuXML entry.)
- the "httpd_accel_port 0" directive does not work on its own (squid bug #1121)
- fix crashes occuring when using cachemgr's "vm_objects" operation (squid
bug #1149)
PR: ports/74859
Submitted by: maintainer |
14 Nov 2004 09:55:41
2.5.7_3
|
krion |
- fix shutting down of helper applications on reconfigure or
logrotation (squid bug #1118)
- properly close the client TCP connection when a malformed blank
HTTP response was received from the server (squid bug #1116)
PR: ports/73913
Submitted by: maintainer |
27 Oct 2004 09:48:52
2.5.7_2
|
sergei |
- Integrate the following vendor patches:
- document the LDAP helpers' -v option
- correct the implementation of the req_header and resp_header acls
(the original implementation submitted in squid bug #961 was faulty)
See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further details.
- Bump PORTREVISION
PR: ports/73154
Submitted by: Thomas-Martin Seck (maintainer) |
18 Oct 2004 22:50:20
2.5.7_1
|
sergei |
- Integrate a vendor patch that prevents squid from consuming 100%
CPU for half closed PUT/POST requests (squid bugs #354, 1096).
See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
details.
- Adapt the follow_xff patch to changes in some of squid's data
structures and unbreak the WITH_SQUID_FOLLOW_XFF option.
- Bump PORTREVISION.
PR: ports/72840
Submitted by: Thomas-Martin Seck (maintainer) |
13 Oct 2004 10:43:48
2.5.7
|
sergei |
- Update to 2.5-STABLE7; this release fixes a security issue regarding
the SNMP module
- Remove a patch that is now part of the distribution
- Miscellaneuous small fixes:
+ in squid.sh, make stop_command poll for the squid processes' exit in
the rcNG case too; this eliminates the need to do this in restart_command
+ make the information regarding rcNG'ness in pkg-install easier to read
+ install unstripped binaries if WITH_SQUID_STACKTRACES is defined
PR: ports/72581
Submitted by: Thomas-Martin Seck (maintainer) |
11 Oct 2004 08:43:34
2.5.6_12
|
sergei |
- Unbreak fetching squid again:
The recently updated client_db_gc patch has been reissued again;
according to squid CVS to "finetune the client db garbage collection
interval". Update distinfo accordingly and bump PORTREVISION.
PR: ports/72461 [1], ports/72463 [2]
Submitted by: Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net> [1],
Thomas-Martin Seck (maintainer) [2]
Approved by: portsmgr (krion) |
07 Oct 2004 09:42:16
2.5.6_11
|
sergei |
- Unbreak fetching:
The client_db_gc patch contained a wrong debugging information
and was thus reissued by the vendor.
Update distinfo accordingly and bump PORTREVISION.
PR: ports/72387
Submitted by: Thomas-Martin Seck (maintainer)
Approved by: portsmgr (krion) |
02 Sep 2004 07:44:14
2.5.6_10
|
sem |
Implement vendor patches for the following issues:
- try to prevent crashes of the digest helper (squid bug #1031)
- correct parsing of the acl_time directive when multiple time specifications
are given (squid bug #1060)
- correct "cachemgr config" output for http_header_* directives
(squid bug #1056)
- recognize the Content-Disposition header to be able to specify
http_header_access directives using it (squid bug #961)
See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
information.
Reimplement the rcNG support. See UPDATING for details.
PR: ports/71260
Submitted by: maintainer |
28 Aug 2004 21:51:36
2.5.6_9
|
sem |
Integrate vendor patches for the following issues:
- close a memory leak when NTLM authentication without challenge reuse
is used (squid bug #994)
- close a temporary memory leak when NTLM challenge response reuse is
enabled (squid bug #910)
- when performing log rotation with 'squid -k rotate' do not crash if a
swap state file or a cache directory is unwriteable (squid bug #1053)
See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
information.
PR: ports/71082
Submitted by: maintainer |
21 Aug 2004 13:28:56
2.5.6_8
|
krion |
Fix grammatical and whitespace errors in squid.conf.default.
Set supplementary group membership correctly when running squid
as a non-root user and do not ignore the squid_group setting
when starting squid as root (squid bug #1021)
Enable the external_acl helper protocol to handle newlines
in the embedded data (squid bug #1038)
PR: ports/70767
Submitted by: maintainer |
20 Aug 2004 14:54:30
2.5.6_7
|
sem |
* Integrate a vendor patch for a possible DOS against the NTLM
authentication helpers, see squid bug #1045.
* Bump PORTREVISION.
PR: ports/70707
Submitted by: maintainer |
11 Aug 2004 20:18:07
2.5.6_6
|
krion |
The ldap_helpers patch has been updated again; see squid bug
#1032 for details.
PR: ports/70312
Submitted by: maintainer |
07 Aug 2004 20:28:16
2.5.6_5
|
krion |
Integrate new vendor patches:
- fix a problem in the heap policy code that could cause memory
corruption when a {cache,memory}_replacement_policy other
than the default "lru" was used (squid bug #1009)
- correct quoting of unknown % escape codes when generating
error pages (squid bug #1030)
PR: ports/70110
Submitted by: maintainer |
30 Jul 2004 00:08:51
2.5.6_5
|
edwin |
[Maintainer] www/squid: chase re-issued patch, unbreak fetching
The concurrent_dns_lookups patch was reissued, update distinfo accordingly.
See <http://www.squid-cache.org/bugs/show_bug.cgi?id=852> for
further information.
PR: ports/69764
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> |
28 Jul 2004 19:56:48
2.5.6_4
|
krion |
- integrate a new version of the LDAP update patch, the
problems with the previous version are hopefully fixed (squid bug #1018)
- integrate a new NTLM authentication patch to address a problem with
truncating NTLM authentication blobs (squid bug #1016)
- remove two patches which were withdrawn (see squid bugs #910
and 994)
PR: ports/69719
Submitted by: maintainer |
28 Jul 2004 03:10:54
2.5.6_3
|
ijliao |
Fix a bug that disallowed explicit unsetting of the squid_flags variable.
PR: 69670
Submitted by: maintainer |
