Certain malformed NTLMSSP packets could crash the NTLM helpers provided by Squid. I have updated the squid patchset to include the patch provided on the bug release website; Just here for notification and publication if necessary. Effected users www-proxy/squid-2.5.* Remedy, upgrade to >=www-proxy/squid-2.5.6-r2 Reproducible: Always Steps to Reproduce:
So like how do we test to make sure these fixes work?
Andrew could you provide a testcase to assist the arches mark stable?
Honestly... I am not sure how. http://www.squid-cache.org/bugs/show_bug.cgi?id=1045 Details the initial reporting of the problem; in as much as what the problem is described as being the patch definately fixes. ie (o > 0);
Once I get back from school I'll try and get a nice test case up based on the squid getting started guide. The one avaliable from upstream is decent enough for testing, but it needs to be tweaked for Gentoo specific files, build process.
While trying to create the test case, I ran into a circular dep issue. Changing this back to ebuild status. net-mail / robbat2: There are circular dep issues with openldap and cyrus-sasl which results in the following: bash-2.05b# emerge -p cyrus-sasl | grep ebuild [ebuild N ] net-nds/openldap-2.1.30-r1 [ebuild N ] dev-libs/cyrus-sasl-2.1.18-r2 bash-2.05b# emerge -p openldap | grep ebuild [ebuild N ] dev-libs/cyrus-sasl-2.1.18-r2 [ebuild N ] net-nds/openldap-2.1.30-r1 This prevents proper installation of squid with sasl and ldap USE flags enabled, and the above libraries not being installed. Thanks ahead of time for any comments/suggestions!
chriswhite: see bug #32394 for the circular dep. it's one that is not really solvable. openldap needs cyrus-sasl to provide SASL auth [widely used] cyrus-sasl has an ldap backend, that needs to link against the openldap libs (which in turn may be linked to the sasl libs ;-)
Arches please mark stable.
Stable on alpha.
x86 stable now
Stable on sparc
Fixing status whiteboard to only include supported arches. Waiting for amd64 to issue a GLSA on this. hppa ia64 mips ppc64 s390 : don't forget to mark stable to benefit from GLSA.
stable on amd64
Security this one is ready for GLSA, please draft.
GLSA 200409-04 is out. hppa ia64 mips ppc64 s390 : don't forget to mark stable to benefit.
HPPA stable.
*** Bug 64165 has been marked as a duplicate of this bug. ***
stable on ppc64
Stable on mips.