MDKSA-2005:014
- Package name
- squid
- Date
- 2005-01-24
- Advisory ID
- MDKSA-2005:014
- Affected versions
- 9.2 i586 , CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 i586 , 9.2 amd64 , CS2.1 i586 , 10.1 x86_64
Problem description
"infamous41md" discovered two vulnerabilities in the squid proxy cache server. The first is a buffer overflow in the Gopher response parser which leads to memory corruption and would usually crash squid (CAN-2005-0094). The second is an integer overflow in the receiver of WCCP (Web Cache Communication Protocol) messages. An attacker could send a specially crafted UDP datagram that would cause squid to crash (CAN-2005-0095). The updated packages have been patched to prevent these problems.
Updated packages
9.2 i586
b200e4cd5136b605665675c22a07f8f6 9.2/RPMS/squid-2.5.STABLE3-3.5.92mdk.i586.rpm 3ad2ffec1411fae0708f4f3e00505fa3 9.2/SRPMS/squid-2.5.STABLE3-3.5.92mdk.src.rpm
CS2.1 x86_64
903517606084ab4d37e2a52506eed1a5 x86_64/corporate/2.1/RPMS/squid-2.4.STABLE7-2.3.C21mdk.x86_64.rpm dfc6cc283c301c3f4495e3a8f7ddcd63 x86_64/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.3.C21mdk.src.rpm
10.0 amd64
01d6b3dfa7dc5dd5cf1a95c14492f18c amd64/10.0/RPMS/squid-2.5.STABLE4-2.3.100mdk.amd64.rpm c2cb0554ab7225eef74bef946ffe359d amd64/10.0/SRPMS/squid-2.5.STABLE4-2.3.100mdk.src.rpm
10.1 i586
59493538203620d5bcaabaa23d601446 10.1/RPMS/squid-2.5.STABLE6-2.2.101mdk.i586.rpm e54c318ee8ec23a28f7ab799e7caad33 10.1/SRPMS/squid-2.5.STABLE6-2.2.101mdk.src.rpm
10.0 i586
829a39d43e630ea5723714a6914fb714 10.0/RPMS/squid-2.5.STABLE4-2.3.100mdk.i586.rpm c2cb0554ab7225eef74bef946ffe359d 10.0/SRPMS/squid-2.5.STABLE4-2.3.100mdk.src.rpm
CS3.0 i586
c3567af5bc3b38291199904d81165879 corporate/3.0/RPMS/squid-2.5.STABLE4-2.3.C30mdk.i586.rpm 89d53797c271b1897f775d75c4bb4b9e corporate/3.0/SRPMS/squid-2.5.STABLE4-2.3.C30mdk.src.rpm
9.2 amd64
e3eff312ad7b514582575f076f26e5fb amd64/9.2/RPMS/squid-2.5.STABLE3-3.5.92mdk.amd64.rpm 3ad2ffec1411fae0708f4f3e00505fa3 amd64/9.2/SRPMS/squid-2.5.STABLE3-3.5.92mdk.src.rpm
CS2.1 i586
a42ac4049889e5b7123be68f65784f79 corporate/2.1/RPMS/squid-2.4.STABLE7-2.3.C21mdk.i586.rpm dfc6cc283c301c3f4495e3a8f7ddcd63 corporate/2.1/SRPMS/squid-2.4.STABLE7-2.3.C21mdk.src.rpm
10.1 x86_64
f11e4cc06bcface8d67e8505eaa96723 x86_64/10.1/RPMS/squid-2.5.STABLE6-2.2.101mdk.x86_64.rpm e54c318ee8ec23a28f7ab799e7caad33 x86_64/10.1/SRPMS/squid-2.5.STABLE6-2.2.101mdk.src.rpm