MDKSA-2007:026
- Nom du paquet
- squid
- Date
- 2007-01-23
- Advisory ID
- MDKSA-2007:026
- Affected versions
- CS4.0 x86_64 , MNF2.0 i586 , 2006.0 i586 , 2007.0 x86_64 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2006.0 x86_64
Problem description
A vulnerability in squid was discovered that could be remotely
exploited by using a special ftp:// URL (CVE-2007-0247).
Another Denial of Service vulnerability was discovered in squid 2.6
that allows remote attackers to crash the server by causing an
external_acl_queue overload (CVE-2007-0248).
Additionally, a bug in squid 2.6 for max_user_ip handling in ntlm_auth
has been corrected.
The updated packages have been patched to correct this problem.
Updated packages
CS4.0 x86_64
a3431be4855f377ae0efaf7bf60c845f corporate/4.0/x86_64/squid-2.6.STABLE1-4.2.20060mlcs4.x86_64.rpm 7953d0208a17451f1465c69d244736fd corporate/4.0/x86_64/squid-cachemgr-2.6.STABLE1-4.2.20060mlcs4.x86_64.rpm 46198dfe46b61033924be7a1050bf1d7 corporate/4.0/SRPMS/squid-2.6.STABLE1-4.2.20060mlcs4.src.rpm
MNF2.0 i586
6df4b826639660123bd8cbaf045b3efd mnf/2.0/i586/squid-2.5.STABLE9-1.6.M20mdk.i586.rpm 0c6029fd8710939fa1e187acbf2e1c70 mnf/2.0/SRPMS/squid-2.5.STABLE9-1.6.M20mdk.src.rpm
2006.0 i586
08e2ff96f1951e61a976ef60bbf6bea5 2006.0/i586/squid-2.5.STABLE10-10.3.20060mdk.i586.rpm 59613107122da1dd6c0ce6724f563fed 2006.0/i586/squid-cachemgr-2.5.STABLE10-10.3.20060mdk.i586.rpm 96bdafa2207c70e46e2c6b958748b884 2006.0/SRPMS/squid-2.5.STABLE10-10.3.20060mdk.src.rpm
2007.0 x86_64
dd5ac455b5f94d7b5589d1ff80972dc3 2007.0/x86_64/squid-2.6.STABLE1-4.2mdv2007.0.x86_64.rpm e9968cd35f6c21988691982ab3d6c9dc 2007.0/x86_64/squid-cachemgr-2.6.STABLE1-4.2mdv2007.0.x86_64.rpm 6800d5a945187fca10197220d3068e01 2007.0/SRPMS/squid-2.6.STABLE1-4.2mdv2007.0.src.rpm
2007.0 i586
21dd893ce118c427d7b34656e41939ec 2007.0/i586/squid-2.6.STABLE1-4.2mdv2007.0.i586.rpm 4021d4e323f1fc695aa956832ede5dbd 2007.0/i586/squid-cachemgr-2.6.STABLE1-4.2mdv2007.0.i586.rpm 6800d5a945187fca10197220d3068e01 2007.0/SRPMS/squid-2.6.STABLE1-4.2mdv2007.0.src.rpm
CS3.0 x86_64
5c575f5fb19da84a3c0f3ee92429c65c corporate/3.0/x86_64/squid-2.5.STABLE9-1.6.C30mdk.x86_64.rpm 7a65ca526a37b6850f4b33f1959d8595 corporate/3.0/SRPMS/squid-2.5.STABLE9-1.6.C30mdk.src.rpm
CS4.0 i586
db2095e0e73bb231ffe40897b1666fbf corporate/4.0/i586/squid-2.6.STABLE1-4.2.20060mlcs4.i586.rpm 7fff9071842f6d87f10643a66d858373 corporate/4.0/i586/squid-cachemgr-2.6.STABLE1-4.2.20060mlcs4.i586.rpm 46198dfe46b61033924be7a1050bf1d7 corporate/4.0/SRPMS/squid-2.6.STABLE1-4.2.20060mlcs4.src.rpm
CS3.0 i586
95c1ca980282b1c49b50a8507c7fd82d corporate/3.0/i586/squid-2.5.STABLE9-1.6.C30mdk.i586.rpm 7a65ca526a37b6850f4b33f1959d8595 corporate/3.0/SRPMS/squid-2.5.STABLE9-1.6.C30mdk.src.rpm
2006.0 x86_64
60c1f397b2ce5b283757b76da8c70df1 2006.0/x86_64/squid-2.5.STABLE10-10.3.20060mdk.x86_64.rpm b0ec419dcae41638d2f628f013c0e050 2006.0/x86_64/squid-cachemgr-2.5.STABLE10-10.3.20060mdk.x86_64.rpm 96bdafa2207c70e46e2c6b958748b884 2006.0/SRPMS/squid-2.5.STABLE10-10.3.20060mdk.src.rpm