drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in squid
| Name: |
Mehrere Probleme in squid
|
|
| ID: |
FEDORA-2005-373 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora Core 3 |
|
| Datum: |
Mi, 18. Mai 2005, 13:00 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1390
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1519 |
|
| Applikationen: |
Squid |
|
Originalnachricht |
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-373
2005-05-17
---------------------------------------------------------------------
Product : Fedora Core 3
Name : squid
Version : 2.5.STABLE9
Release : 1.FC3.6
Summary : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.
Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.
---------------------------------------------------------------------
* Mon May 16 2005 Jay Fenlason <fenlason@redhat.com>
7:2.5.STABLE9-1.FC3.6
- More upstream patches, including ones for
bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks
bz#156162 CVE-1999-0710 cachemgr.cgi access control bypass
- The following bugs had already been fixed, but the announcements were lost
bz#156711 CAN-2005-1390 HTTP Request Smuggling Vulnerabilities
bz#156703 CAN-2005-1389 HTTP Response Splitting Vulnerabilities
(Both fixed by squid-7:2.5.STABLE8-1.FC3.1)
bz#151419 Unexpected access control results on configuration errors
(Fixed by 7:2.5.STABLE9-1.FC3.2)
bz#152647#squid-2.5.STABLE9-1.FC3.4.x86_64.rpm is broken
(fixed by 7:2.5.STABLE9-1.FC3.5)
bz#141938 squid ldap authentification broken
(Fixed by 7:2.5.STABLE7-1.FC3)
* Fri Apr 1 2005 Jay Fenlason <fenlason@redhat.com>
7:2.5.STABLE9-1.FC3.5
- More upstream patches, including a new version of the -2GB patch
that doesn't break diskd.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
c94ce8b9fc2ae09b867fa73a4036901b SRPMS/squid-2.5.STABLE9-1.FC3.6.src.rpm
6862c9189f1686280b95a31501ce5283 x86_64/squid-2.5.STABLE9-1.FC3.6.x86_64.rpm
5e96af43a684836da7e88279a5643b1a
x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.x86_64.rpm
81f8f55caf7f423054356ae57c2d02f9 i386/squid-2.5.STABLE9-1.FC3.6.i386.rpm
e912773d9f9889686a70debe1c1146c8
i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
|
|
|
|
