* [PATCH] bind: Update to 9.10.3-P2
@ 2015-12-26 23:20 Matthias Fischer
2015-12-27 23:57 ` [PATCH] Add RAM-only Proxy functionality - Bug Report #10592 Xaver4all
2015-12-28 14:39 ` [PATCH] bind: Update to 9.10.3-P2 Michael Tremer
0 siblings, 2 replies; 3+ messages in thread
From: Matthias Fischer @ 2015-12-26 23:20 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1102 bytes --]
Changelog:
[security]
Update allowed OpenSSL versions as named is potentially
vulnerable to CVE-2015-3193.
[maint]
H.ROOT-SERVERS.NET is 198.97.190.53 and 2001:500:1::53. [RT #40556]
[security]
Insufficient testing when parsing a message allowed
records with an incorrect class to be be accepted,
triggering a REQUIRE failure when those records
were subsequently cached. (CVE-2015-8000) [RT #40987]
[security]
Address fetch context reference count handling error
on socket error. (CVE-2015-8461) [RT#40945]
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
lfs/bind | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lfs/bind b/lfs/bind
index 6480798..b0d5185 100644
--- a/lfs/bind
+++ b/lfs/bind
@@ -25,7 +25,7 @@
include Config
-VER = 9.10.3
+VER = 9.10.3-P2
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d8cbf04a62a139a841d4bf878087a555
+$(DL_FILE)_MD5 = 672dd3c2796b12ac8440f55bcaecfa82
install : $(TARGET)
--
2.6.4
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH] Add RAM-only Proxy functionality - Bug Report #10592
2015-12-26 23:20 [PATCH] bind: Update to 9.10.3-P2 Matthias Fischer
@ 2015-12-27 23:57 ` Xaver4all
2015-12-28 14:39 ` [PATCH] bind: Update to 9.10.3-P2 Michael Tremer
1 sibling, 0 replies; 3+ messages in thread
From: Xaver4all @ 2015-12-27 23:57 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1543 bytes --]
Squiddoesn't use RAM only for caching, if you set cachesize for disk
usage =0 andmemory cachesize >0 in GUI.
Now if you set "cache_size"=0 and "cache_mem">0,caching won't be
disabled completely ("cache deny all").
If you want todisable caching completely you must set "cache_size"=0 and
"cache_mem"=0.
Besides this "maximum_object_size_in_memory" will be set to 512KB.
Originally reported by qiller in Bugtracker form over one year. I just
created the diff an tested this on my IP-Fire.
Especially for the announced 64 Bit version of IP-Fire, where Squid can
handel more RAM, this may be useful.
Reported-by: qiller
Signed-off-by: Kim Wölfel <xaver4all(a)gmx.de>
---
html/cgi-bin/proxy.cgi | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi
index 6c4e2b0..164ca63 100644
--- a/html/cgi-bin/proxy.cgi
+++ b/html/cgi-bin/proxy.cgi
@@ -3173,7 +3173,7 @@ END
}
}
- if ($proxysettings{'CACHE_SIZE'} > 0)
+ if (($proxysettings{'CACHE_SIZE'} > 0) ||
($proxysettings{'CACHE_MEM'} > 0))
{
print FILE "\n";
@@ -3270,7 +3270,12 @@ cache_dir aufs /var/log/cache
$proxysettings{'CACHE_SIZE'} $proxysettings{'L1_DI
END
;
} else {
- print FILE "cache deny all\n\n";
+ if ($proxysettings{'CACHE_MEM'} > 0)
+ {
+ print FILE "maximum_object_size_in_memory 512 KB\n\n";
+ } else {
+ print FILE "cache deny all\n\n";
+ }
}
print FILE <<END
--
2.6.4.windows.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] bind: Update to 9.10.3-P2
2015-12-26 23:20 [PATCH] bind: Update to 9.10.3-P2 Matthias Fischer
2015-12-27 23:57 ` [PATCH] Add RAM-only Proxy functionality - Bug Report #10592 Xaver4all
@ 2015-12-28 14:39 ` Michael Tremer
1 sibling, 0 replies; 3+ messages in thread
From: Michael Tremer @ 2015-12-28 14:39 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1289 bytes --]
Merged.
On Sun, 2015-12-27 at 00:20 +0100, Matthias Fischer wrote:
> Changelog:
>
> [security]
> Update allowed OpenSSL versions as named is potentially
> vulnerable to CVE-2015-3193.
>
> [maint]
> H.ROOT-SERVERS.NET is 198.97.190.53 and 2001:500:1::53. [RT #40556]
>
> [security]
> Insufficient testing when parsing a message allowed
> records with an incorrect class to be be accepted,
> triggering a REQUIRE failure when those records
> were subsequently cached. (CVE-2015-8000) [RT #40987]
>
> [security]
> Address fetch context reference count handling error
> on socket error. (CVE-2015-8461) [RT#40945]
>
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
> lfs/bind | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lfs/bind b/lfs/bind
> index 6480798..b0d5185 100644
> --- a/lfs/bind
> +++ b/lfs/bind
> @@ -25,7 +25,7 @@
>
> include Config
>
> -VER = 9.10.3
> +VER = 9.10.3-P2
>
> THISAPP = bind-$(VER)
> DL_FILE = $(THISAPP).tar.gz
> @@ -43,7 +43,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_MD5 = d8cbf04a62a139a841d4bf878087a555
> +$(DL_FILE)_MD5 = 672dd3c2796b12ac8440f55bcaecfa82
>
> install : $(TARGET)
>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-12-28 14:39 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-12-26 23:20 [PATCH] bind: Update to 9.10.3-P2 Matthias Fischer
2015-12-27 23:57 ` [PATCH] Add RAM-only Proxy functionality - Bug Report #10592 Xaver4all
2015-12-28 14:39 ` [PATCH] bind: Update to 9.10.3-P2 Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox