From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Oct 18 19:20:16 2005 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DDDA816A420 for ; Tue, 18 Oct 2005 19:20:16 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id D3F1D43D48 for ; Tue, 18 Oct 2005 19:20:15 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j9IJKFND023214 for ; Tue, 18 Oct 2005 19:20:15 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j9IJKFAA023213; Tue, 18 Oct 2005 19:20:15 GMT (envelope-from gnats) Resent-Date: Tue, 18 Oct 2005 19:20:15 GMT Resent-Message-Id: <200510181920.j9IJKFAA023213@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Thomas-Martin Seck Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 33BA716A41F for ; Tue, 18 Oct 2005 19:16:25 +0000 (GMT) (envelope-from tmseck@netcologne.de) Received: from smtp1.netcologne.de (smtp1.netcologne.de [194.8.194.112]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7505C43D4C for ; Tue, 18 Oct 2005 19:16:21 +0000 (GMT) (envelope-from tmseck@netcologne.de) Received: from laurel.tmseck.homedns.org (xdsl-87-78-52-150.netcologne.de [87.78.52.150]) by smtp1.netcologne.de (Postfix) with SMTP id 546BA39011 for ; Tue, 18 Oct 2005 21:16:17 +0200 (MEST) Received: (qmail 4218 invoked by uid 1001); 18 Oct 2005 19:16:39 -0000 Message-Id: <20051018191639.4217.qmail@laurel.tmseck.homedns.org> Date: 18 Oct 2005 19:16:39 -0000 From: Thomas-Martin Seck To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: secteam@FreeBSD.org Subject: ports/87637: [Maintainer] [Security] www/squid: integrate vendor patches; fix an FTP parsing vulnerability X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Thomas-Martin Seck List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Oct 2005 19:20:17 -0000 >Number: 87637 >Category: ports >Synopsis: [Maintainer] [Security] www/squid: integrate vendor patches; fix an FTP parsing vulnerability >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Tue Oct 18 19:20:15 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Thomas-Martin Seck >Release: FreeBSD 4.11-STABLE i386 >Organization: a private site in Germany >Environment: FreeBSD ports collection as of Oct 18, 2005. >Description: Integrate the following vendor patches as published on : - document that tcp_outgoing_xxx works badly in combination with server_persistent_connections (squid bug #454) - add more tracing in test mode of squid_ldap_auth (squid bug #1395) - fix breakage of accel_single_host when combined with server_persistent_connection (squid bug #1402) - correctly implement the CACHE_HTTP_PORT configuration directive (squid bug #1403) - fix the problem that CNAME addresses were remembered with a wrong TTL (squid bug #1404) - fix incorrect handling of squid-internal-dynamic/netdb in conjunction with httpd_accel/transparent proxies (squid bug #1410) - properly revalidate the cache on HEAD requests (squid bug #1411) - correct handling of Set-Cookie headers on cache refreshes (squid bug #1419) - fix a vulnerability in the FTP parsing code (squid bug #1426) VuXML data for squid bug #1426 (please fill in date): squid -- vulnerability in FTP parsing code squid 2.5.11_3

The squid patches page notes:

In certain odd FTP server responses Squid may crash with a segmentation fault in rfc1738_do_escape.

Workaround: deny access to the ftp protocol via the proxy

http://www.squid-cache.org/bugs/show_bug.cgi?id=1426 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE11-rfc1738_do_escape 2005-10-12 YYYY-MM-DD
>How-To-Repeat: >Fix: Apply this patch: Index: distinfo =================================================================== --- distinfo (.../www/squid) (revision 600) +++ distinfo (.../local/squid) (revision 600) @@ -2,3 +2,23 @@ SIZE (squid2.5/squid-2.5.STABLE11.tar.bz2) = 1075431 MD5 (squid2.5/squid-2.5.STABLE11-delaypools_truncated.patch) = 73bd15ae4853d9b0f45ac4277b35ed15 SIZE (squid2.5/squid-2.5.STABLE11-delaypools_truncated.patch) = 588 +MD5 (squid2.5/squid-2.5.STABLE11-tcp_outgoing_xxx.patch) = 18846f871032c4d7c496373c24b9f4d9 +SIZE (squid2.5/squid-2.5.STABLE11-tcp_outgoing_xxx.patch) = 1140 +MD5 (squid2.5/squid-2.5.STABLE11-ldap_auth.patch) = a22867a5be67b3ff2dd35ab338b05d9e +SIZE (squid2.5/squid-2.5.STABLE11-ldap_auth.patch) = 4857 +MD5 (squid2.5/squid-2.5.STABLE11.accel_single_host_pconn.patch) = f6ad18183bb3df2da1c5e6287b7162ea +SIZE (squid2.5/squid-2.5.STABLE11.accel_single_host_pconn.patch) = 944 +MD5 (squid2.5/squid-2.5.STABLE11-CACHE_HTTP_PORT.patch) = a43d8d7bed00dc0caebec7b440625a11 +SIZE (squid2.5/squid-2.5.STABLE11-CACHE_HTTP_PORT.patch) = 4010 +MD5 (squid2.5/squid-2.5.STABLE11-CNAME.patch) = 263c1a76d470ad4553e05e686e422de2 +SIZE (squid2.5/squid-2.5.STABLE11-CNAME.patch) = 3825 +MD5 (squid2.5/squid-2.5.STABLE11-httpd_accel-internal.patch) = fe88ab718a58e484bbf8ce6ce6111dd3 +SIZE (squid2.5/squid-2.5.STABLE11-httpd_accel-internal.patch) = 1736 +MD5 (squid2.5/squid-2.5.STABLE11-IMS-HEAD.patch) = 1e8ddcd080f431c8f3c059366e159765 +SIZE (squid2.5/squid-2.5.STABLE11-IMS-HEAD.patch) = 834 +MD5 (squid2.5/squid-2.5.STABLE11-redirect-CONNECT.patch) = 16e8a386cae25b5b0493adb66d89416f +SIZE (squid2.5/squid-2.5.STABLE11-redirect-CONNECT.patch) = 1282 +MD5 (squid2.5/squid-2.5.STABLE11-setcookie.patch) = 0d1acad61df0ffb5224cb3910f25fb29 +SIZE (squid2.5/squid-2.5.STABLE11-setcookie.patch) = 531 +MD5 (squid2.5/squid-2.5.STABLE11-rfc1738_do_escape.patch) = 43094437e3d66aa1cb141ea4c776df19 +SIZE (squid2.5/squid-2.5.STABLE11-rfc1738_do_escape.patch) = 3302 Index: Makefile =================================================================== --- Makefile (.../www/squid) (revision 600) +++ Makefile (.../local/squid) (revision 600) @@ -70,7 +70,7 @@ PORTNAME= squid PORTVERSION= 2.5.11 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= www MASTER_SITES= \ ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \ @@ -83,7 +83,17 @@ DIST_SUBDIR= squid2.5 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ -PATCHFILES= squid-2.5.STABLE11-delaypools_truncated.patch +PATCHFILES= squid-2.5.STABLE11-delaypools_truncated.patch \ + squid-2.5.STABLE11-tcp_outgoing_xxx.patch \ + squid-2.5.STABLE11-ldap_auth.patch \ + squid-2.5.STABLE11.accel_single_host_pconn.patch \ + squid-2.5.STABLE11-CACHE_HTTP_PORT.patch \ + squid-2.5.STABLE11-CNAME.patch \ + squid-2.5.STABLE11-httpd_accel-internal.patch \ + squid-2.5.STABLE11-IMS-HEAD.patch \ + squid-2.5.STABLE11-redirect-CONNECT.patch \ + squid-2.5.STABLE11-setcookie.patch \ + squid-2.5.STABLE11-rfc1738_do_escape.patch PATCH_DIST_STRIP= -p1 MAINTAINER= tmseck@netcologne.de >Release-Note: >Audit-Trail: >Unformatted: