drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in squid
Name: |
Mehrere Probleme in squid
|
|
ID: |
FEDORA-2005-373 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora Core 3 |
|
Datum: |
Mi, 18. Mai 2005, 13:00 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1390
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1519 |
|
Applikationen: |
Squid |
|
Originalnachricht |
--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-373 2005-05-17 ---------------------------------------------------------------------
Product : Fedora Core 3 Name : squid Version : 2.5.STABLE9 Release : 1.FC3.6 Summary : The Squid proxy caching server. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests.
Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.
---------------------------------------------------------------------
* Mon May 16 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-1.FC3.6
- More upstream patches, including ones for bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks bz#156162 CVE-1999-0710 cachemgr.cgi access control bypass
- The following bugs had already been fixed, but the announcements were lost bz#156711 CAN-2005-1390 HTTP Request Smuggling Vulnerabilities bz#156703 CAN-2005-1389 HTTP Response Splitting Vulnerabilities (Both fixed by squid-7:2.5.STABLE8-1.FC3.1) bz#151419 Unexpected access control results on configuration errors (Fixed by 7:2.5.STABLE9-1.FC3.2) bz#152647#squid-2.5.STABLE9-1.FC3.4.x86_64.rpm is broken (fixed by 7:2.5.STABLE9-1.FC3.5) bz#141938 squid ldap authentification broken (Fixed by 7:2.5.STABLE7-1.FC3)
* Fri Apr 1 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-1.FC3.5
- More upstream patches, including a new version of the -2GB patch that doesn't break diskd.
--------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
c94ce8b9fc2ae09b867fa73a4036901b SRPMS/squid-2.5.STABLE9-1.FC3.6.src.rpm 6862c9189f1686280b95a31501ce5283 x86_64/squid-2.5.STABLE9-1.FC3.6.x86_64.rpm 5e96af43a684836da7e88279a5643b1a x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.x86_64.rpm 81f8f55caf7f423054356ae57c2d02f9 i386/squid-2.5.STABLE9-1.FC3.6.i386.rpm e912773d9f9889686a70debe1c1146c8 i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.i386.rpm
This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------
-- fedora-announce-list mailing list fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list
|
|
|
|