Nom du paquet
squid
Date
2007-03-22
Advisory ID
MDKSA-2007:068
Affected versions
CS4.0 x86_64 , MNF2.0 i586 , 2006.0 i586 , 2007.0 x86_64 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2006.0 x86_64

Problem description

Due to an internal error Squid-2.6 is vulnerable to a denial of service
attack when processing the TRACE request method. This problem allows
any client trusted to use the service to perform a denial of service
attack on the Squid service.

Updated packages have been patched to address this issue.

Updated packages

CS4.0 x86_64

 0e5bb0f771ab24c33cd83df0b5ce6925  corporate/4.0/x86_64/squid-2.6.STABLE1-4.3.20060mlcs4.x86_64.rpm
 318eefc20e4b2e90f297edd4e0d3b9b4  corporate/4.0/x86_64/squid-cachemgr-2.6.STABLE1-4.3.20060mlcs4.x86_64.rpm 
 37dc55633b7cf98ac69109074bf19eb9  corporate/4.0/SRPMS/squid-2.6.STABLE1-4.3.20060mlcs4.src.rpm

MNF2.0 i586

 0eb2b836cb6c6f04b7bdf588a82de958  mnf/2.0/i586/squid-2.5.STABLE9-1.7.M20mdk.i586.rpm 
 bd364264eb1262e255b796714cbe2f58  mnf/2.0/SRPMS/squid-2.5.STABLE9-1.7.M20mdk.src.rpm

2006.0 i586

 e56b626c99d9fde6e6ce2e3229365507  2006.0/i586/squid-2.5.STABLE10-10.4.20060mdk.i586.rpm
 fe14ce71483e6d00471a9b157f1394ad  2006.0/i586/squid-cachemgr-2.5.STABLE10-10.4.20060mdk.i586.rpm 
 e3dca65061ce799f0a14843ff6c9494e  2006.0/SRPMS/squid-2.5.STABLE10-10.4.20060mdk.src.rpm

2007.0 x86_64

 5eefe7e1c4c3220e38d7832690cb323d  2007.0/x86_64/squid-2.6.STABLE1-4.3mdv2007.0.x86_64.rpm
 6b0627995c722c40a0159979553a89ff  2007.0/x86_64/squid-cachemgr-2.6.STABLE1-4.3mdv2007.0.x86_64.rpm 
 39da38403992ae890878163921074e66  2007.0/SRPMS/squid-2.6.STABLE1-4.3mdv2007.0.src.rpm

2007.0 i586

 054f7d10fda6b956f9dc3631dfc6d4b0  2007.0/i586/squid-2.6.STABLE1-4.3mdv2007.0.i586.rpm
 cff3225c30326efd3b60d22a0834556a  2007.0/i586/squid-cachemgr-2.6.STABLE1-4.3mdv2007.0.i586.rpm 
 39da38403992ae890878163921074e66  2007.0/SRPMS/squid-2.6.STABLE1-4.3mdv2007.0.src.rpm

CS3.0 x86_64

 d7f677e1f272e638ee960755459b1ded  corporate/3.0/x86_64/squid-2.5.STABLE9-1.7.C30mdk.x86_64.rpm 
 c19c9d0a546f9a49760ef0fdff1c3b20  corporate/3.0/SRPMS/squid-2.5.STABLE9-1.7.C30mdk.src.rpm

CS4.0 i586

 6ab68dde26eb1474b501e657dffa8559  corporate/4.0/i586/squid-2.6.STABLE1-4.3.20060mlcs4.i586.rpm
 9bdf42003bc25b658a0a1f068161e88a  corporate/4.0/i586/squid-cachemgr-2.6.STABLE1-4.3.20060mlcs4.i586.rpm 
 37dc55633b7cf98ac69109074bf19eb9  corporate/4.0/SRPMS/squid-2.6.STABLE1-4.3.20060mlcs4.src.rpm

CS3.0 i586

 a986e19d7ba9623b4dda97a6bba72f79  corporate/3.0/i586/squid-2.5.STABLE9-1.7.C30mdk.i586.rpm 
 c19c9d0a546f9a49760ef0fdff1c3b20  corporate/3.0/SRPMS/squid-2.5.STABLE9-1.7.C30mdk.src.rpm

2006.0 x86_64

 76f9515ef619dfef179bcd89195fe922  2006.0/x86_64/squid-2.5.STABLE10-10.4.20060mdk.x86_64.rpm
 2ef40237eb928e6c93c769b5a89e9436  2006.0/x86_64/squid-cachemgr-2.5.STABLE10-10.4.20060mdk.x86_64.rpm 
 e3dca65061ce799f0a14843ff6c9494e  2006.0/SRPMS/squid-2.5.STABLE10-10.4.20060mdk.src.rpm

References