CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2018/01/23 08:00:02
Modified files:
www/squid : Makefile
Added files:
www/squid/patches: patch-src_client_side_request_cc
patch-src_esi_CustomParser_cc
Log message:
http://www.squid-cache.org/Advisories/SQUID-2018_1.txt
Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses.
This problem allows a remote server delivering certain ESI
response syntax to trigger a denial of service for all clients
accessing the Squid service.
http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses or downloading
intermediate CA certificates.
This problem allows a remote client delivering certain HTTP
requests in conjunction with certain trusted server responses to
trigger a denial of service for all clients accessing the Squid
service.
