Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in squid
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in squid
ID: MDVSA-2009:161
Distribution: Mandriva
Plattformen: Mandriva 2008.1, Mandriva 2009.0, Mandriva 2009.1
Datum: Di, 28. Juli 2009, 01:51
Referenzen: http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
Applikationen: Squid

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1248738691-13155-439


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:161
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : squid
 Date    : July 27, 2009
 Affected: 2008.1, 2009.0, 2009.1
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in squid:
 
 Due to incorrect buffer limits and related bound checks Squid is
 vulnerable to a denial of service attack when processing specially
 crafted requests or responses.
 
 Due to incorrect data validation Squid is vulnerable to a denial of
 service attack when processing specially crafted responses.
 
 This update provides fixes for these vulnerabilities.
 _______________________________________________________________________

 References:

 http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.1:
 e8f9817a56da85d7d49c602f8932f97d  2008.1/i586/squid-3.0-1.2mdv2008.1.i586.rpm
 e073730066a687d1c4918a3bee310b76 
 2008.1/i586/squid-cachemgr-3.0-1.2mdv2008.1.i586.rpm 
 2f7906bdeb7a4a0bb54c0bdb73ded61d  2008.1/SRPMS/squid-3.0-1.2mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 a69b2935de73a9e155082fe780ad33fc 
 2008.1/x86_64/squid-3.0-1.2mdv2008.1.x86_64.rpm
 748775149e48e9feeeed9bc8dc5032af 
 2008.1/x86_64/squid-cachemgr-3.0-1.2mdv2008.1.x86_64.rpm 
 2f7906bdeb7a4a0bb54c0bdb73ded61d  2008.1/SRPMS/squid-3.0-1.2mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 278f7299ace72030f591cc7b65a6da6b  2009.0/i586/squid-3.0-8.2mdv2009.0.i586.rpm
 74d1b3725d455597cdd70c0738c0c41d 
 2009.0/i586/squid-cachemgr-3.0-8.2mdv2009.0.i586.rpm 
 8e519b1f4084a6f9592a41ba12eef2b2  2009.0/SRPMS/squid-3.0-8.2mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 0549854b66d263a0f6ea2b591120e410 
 2009.0/x86_64/squid-3.0-8.2mdv2009.0.x86_64.rpm
 c5df45087ab04a8672de713ee170f537 
 2009.0/x86_64/squid-cachemgr-3.0-8.2mdv2009.0.x86_64.rpm 
 8e519b1f4084a6f9592a41ba12eef2b2  2009.0/SRPMS/squid-3.0-8.2mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 8e1d67dadac6cd23a61b62012881b7fc  2009.1/i586/squid-3.0-14.1mdv2009.1.i586.rpm
 f74b71e8cffe0b7be58815c882e3271f 
 2009.1/i586/squid-cachemgr-3.0-14.1mdv2009.1.i586.rpm 
 476b0c52619fc23922d1a8f971ef49c9  2009.1/SRPMS/squid-3.0-14.1mdv2009.0.src.rpm

 Mandriva Linux 2009.1/X86_64:
 7dd5a28f52f86dbcd34a5814e9d3ca13 
 2009.1/x86_64/squid-3.0-14.1mdv2009.1.x86_64.rpm
 b2caa24303c818b125a972fc130d088e 
 2009.1/x86_64/squid-cachemgr-3.0-14.1mdv2009.1.x86_64.rpm 
 476b0c52619fc23922d1a8f971ef49c9  2009.1/SRPMS/squid-3.0-14.1mdv2009.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKbhBrmqjQ0CJFipgRAjAXAKCwjsTbHwxiTbQ24tyhD9ZcbKMCngCfcmpM
2ZSkDLdAyKkNTyk+6BBb4bg=
=Cv4e
-----END PGP SIGNATURE-----


------------=_1248738691-13155-439
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1248738691-13155-439--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung