Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 9: 2009-1517 Critical Fix For Squid Denial Of Service

fedora
Calendar Grey February 12, 2009
Dist Fedora Esm H88
Fedora 10's Apache patch addresses several critical vulnerabilities. Update to the most recent stable version for better protection against threats.
upgrade to latest upstream

Summary

Squid is a high-performance proxy caching server for Web clients,

supporting FTP, gopher, and HTTP data objects. Unlike traditional

caching software, Squid handles all requests in a single,

non-blocking, I/O-driven process. Squid keeps meta data and especially

hot objects cached in RAM, caches DNS lookups, supports non-blocking

DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System

lookup program (dnsserver), a program for retrieving FTP data

(ftpget), and some management and client tools.

* Thu Feb 5 2009 Jonathan Steffan - 7:3.0.STABLE13-1

- upgrade to latest upstream

* Thu Jan 29 2009 Henrik Nordstrom - 7:3.0.STABLE12-1

- upgrade to latest upstream

* Fri Dec 19 2008 Henrik Nordstrom - 7:3.0.STABLE10-3

- actually include the upstream bugfixes in the build

* Fri Dec 19 2008 Henrik Nordstrom - 7:3.0.STABLE10-2

- upstream bugfixes for cache corruption and access.log response size errors

* Fri Oct 24 2008 Henrik Nordstrom - 7:3.0.STABLE10-1

- upgrade to latest upstream

- change logrotate to move instead of copytruncate

- disable coss support, not officially supported in 3.0

* Fri Oct 3 2008 Jiri Skala - 7:3.0.STABLE7-2

- Resolves: #463129 - optional config file

- Resolves: #458593 - noisy init script

- Resolves: #450352 - build.patch patches only generated files

* Mon Jun 30 2008 Jiri Skala - 7:3.0.STABLE7-1

- upgrade to latest upstream

- fix CVE-2004-0918 Squid SNMP DoS [Fedora 9] (#453214)

* Mon May 26 2008 Martin Nagy - 7:3.0.STABLE6-1

- upgrade to latest upstream

- fix bad allocation (#447045)

* Fri May 9 2008 Alexandre Oliva - 7:3.0.STABLE2-3

- fix configure detection of netfilter kernel headers (#435499)

[ 1 ] Bug #484246 - CVE-2009-0478 Squid denial of service flaw

https://bugzilla.redhat.com/show_bug.cgi?id=484246

su -c 'yum update squid' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory denial of service Fedora critical fix Squid

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 9
Version: 3.0.STABLE13
Release: 1.fc9
URL: http://www.squid-cache.org
Summary: The Squid proxy caching server

Topics%20covered

Topics Covered

security advisory denial of service Fedora critical fix Squid

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here