Package name
squid
Date
2008-01-04
Advisory ID
MDVSA-2008:002
Affected versions
CS4.0 i586 , CS4.0 x86_64 , MNF2.0 i586 , 2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.0 i586 , 2007.1 x86_64

Problem description

The cache update reply processing functionality in Squid 2.x before
2.6.STABLE17, and Squid 3.0, allows remote attackers to cause a denial
of service (crash) via unknown vectors related to HTTP headers.

The updated package fixes this issue.

Updated packages

CS4.0 i586

 69d5364d1187f459934c86e311bf6d96  corporate/4.0/i586/squid-2.6.STABLE1-4.4.20060mlcs4.i586.rpm
 9cab80bad8eac5d17af87f8411185529  corporate/4.0/i586/squid-cachemgr-2.6.STABLE1-4.4.20060mlcs4.i586.rpm 
 33c75a040e930c85e7668b160216558a  corporate/4.0/SRPMS/squid-2.6.STABLE1-4.4.20060mlcs4.src.rpm

CS4.0 x86_64

 37a81cbfac6f8937fd74e4b672e04019  corporate/4.0/x86_64/squid-2.6.STABLE1-4.4.20060mlcs4.x86_64.rpm
 df0f15a253003d6b2c234e4a5ccfbff1  corporate/4.0/x86_64/squid-cachemgr-2.6.STABLE1-4.4.20060mlcs4.x86_64.rpm 
 33c75a040e930c85e7668b160216558a  corporate/4.0/SRPMS/squid-2.6.STABLE1-4.4.20060mlcs4.src.rpm

MNF2.0 i586

 0d291e6348ec79f86213230619ce7cfd  mnf/2.0/i586/squid-2.5.STABLE9-1.8.M20mdk.i586.rpm 
 2192fc9b2b9e1e000e144abf8e054860  mnf/2.0/SRPMS/squid-2.5.STABLE9-1.8.M20mdk.src.rpm

2007.0 x86_64

 c2ed1ce138a117d92a9d1258e19853a4  2007.0/x86_64/squid-2.6.STABLE1-4.4mdv2007.0.x86_64.rpm
 8b1db434ee0e509aa71d7b1c81f62665  2007.0/x86_64/squid-cachemgr-2.6.STABLE1-4.4mdv2007.0.x86_64.rpm 
 37dfa22f24df058851acc5c3c1b5879d  2007.0/SRPMS/squid-2.6.STABLE1-4.4mdv2007.0.src.rpm

2007.1 i586

 4e5314934a52d574cfab66fab288fec1  2007.1/i586/squid-2.6.STABLE7-2.1mdv2007.1.i586.rpm
 ea5fff3e07bb15bca7a2c3b3fd1dce43  2007.1/i586/squid-cachemgr-2.6.STABLE7-2.1mdv2007.1.i586.rpm 
 8ae95395bd9b0bd3888561ce359048db  2007.1/SRPMS/squid-2.6.STABLE7-2.1mdv2007.1.src.rpm

2007.0 i586

 96faafb7a9e07b278a0aafa84bf926ae  2007.0/i586/squid-2.6.STABLE1-4.4mdv2007.0.i586.rpm
 03fad047effae58ca2489e80aa1bfa5b  2007.0/i586/squid-cachemgr-2.6.STABLE1-4.4mdv2007.0.i586.rpm 
 37dfa22f24df058851acc5c3c1b5879d  2007.0/SRPMS/squid-2.6.STABLE1-4.4mdv2007.0.src.rpm

CS3.0 x86_64

 2c0eaf65b0c65bb56793bce55d2ac0fc  corporate/3.0/x86_64/squid-2.5.STABLE9-1.8.C30mdk.x86_64.rpm 
 068c0327621ff22367dd979aa9f7ecee  corporate/3.0/SRPMS/squid-2.5.STABLE9-1.8.C30mdk.src.rpm

2008.0 x86_64

 ee831d24d0027f9e30d329ba19481572  2008.0/x86_64/squid-2.6.STABLE16-1.2mdv2008.0.x86_64.rpm
 4d788055f21fd55b228881b66d4e351e  2008.0/x86_64/squid-cachemgr-2.6.STABLE16-1.2mdv2008.0.x86_64.rpm 
 3b7ac01f28af138e6a4a911ea13c3014  2008.0/SRPMS/squid-2.6.STABLE16-1.2mdv2008.0.src.rpm

CS3.0 i586

 b80be38521a9c761ddeb3fac585a5bef  corporate/3.0/i586/squid-2.5.STABLE9-1.8.C30mdk.i586.rpm 
 068c0327621ff22367dd979aa9f7ecee  corporate/3.0/SRPMS/squid-2.5.STABLE9-1.8.C30mdk.src.rpm

2008.0 i586

 471283e5ec222b4558804201ed528580  2008.0/i586/squid-2.6.STABLE16-1.2mdv2008.0.i586.rpm
 aae1cede196ab3ee8ce872a4f9339197  2008.0/i586/squid-cachemgr-2.6.STABLE16-1.2mdv2008.0.i586.rpm 
 3b7ac01f28af138e6a4a911ea13c3014  2008.0/SRPMS/squid-2.6.STABLE16-1.2mdv2008.0.src.rpm

2007.1 x86_64

 c4b1a7b86c812f272601c76c757a456e  2007.1/x86_64/squid-2.6.STABLE7-2.1mdv2007.1.x86_64.rpm
 48bd862e07da9f1aacbf8f4e30ebc734  2007.1/x86_64/squid-cachemgr-2.6.STABLE7-2.1mdv2007.1.x86_64.rpm 
 8ae95395bd9b0bd3888561ce359048db  2007.1/SRPMS/squid-2.6.STABLE7-2.1mdv2007.1.src.rpm

References