Fedora 25: FEDORA-2016-c614315d29 Critical: Squid Update for DoS Issues
fedora
January 20, 2017
Security fix for CVE-2016-10002, CVE-2016-10003 ---- Version update and bugfix of #1392476
Summary
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.
Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.
Update Information:
Security fix for CVE-2016-10002, CVE-2016-10003 ---- Version update and bugfix of #1392476
Topics Covered
Change Log
References
[ 1 ] Bug #1405943 - CVE-2016-10003 squid: Information disclosure in Collapsed forwarding
https://bugzilla.redhat.com/show_bug.cgi?id=1405943
[ 2 ] Bug #1405941 - CVE-2016-10002 squid: Information disclosure in HTTP request processing
https://bugzilla.redhat.com/show_bug.cgi?id=1405941
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade squid' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: squid
Product: Fedora 25
Version: 4.0.17
Release: 1.fc25
Summary: The Squid proxy caching server
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!