Fedora Core 3: FEDORA-2005-106 Moderate: Squid Buffer Overflow

Squid is a high-performance proxy caching server for Web clients,

supporting FTP, gopher, and HTTP data objects. Unlike traditional

caching software, Squid handles all requests in a single,

non-blocking, I/O-driven process. Squid keeps meta data and especially

hot objects cached in RAM, caches DNS lookups, supports non-blocking

DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System

lookup program (dnsserver), a program for retrieving FTP data

(ftpget), and some management and client tools.

- Add more upstream patches, including fixes for

bz#146783 Correct handling of oversized reply headers

bz#146778 CAN-2005-0211 Buffer overflow in WCCP recvfrom() call

* Thu Jan 20 2005 Jay Fenlason 7:2.5.STABLE7-1.FC3

- Upgrade to 2.5.STABLE7 and 18 upstream patches.

- This includes fixes for CAN-2005-0094 CAN-2005-0095 CAN-2004-0096

and CAN-2004-0097. This closes bz#145543 and bz#141938

- This obsoletes Ulrich Drepper's -nonbl patch.

- Add a triggerin on samba-common to make /var/cache/samba/winbindd_privileged

accessable so that ntlm_auth will work.

This fixes bz#103726

c2ae3c222bcb22ffe2ec455ffdd58c40 SRPMS/squid-2.5.STABLE7-1.FC3.1.src.rpm

4603f33429e68a2708fea1be672e8ec1 x86_64/squid-2.5.STABLE7-1.FC3.1.x86_64.rpm

45c5b51da3d7d27f2a43fede8c4fa6ba x86_64/debug/squid-debuginfo-2.5.STABLE7-1.FC3.1.x86_64.rpm

a5da0049001bb747acbb775e8fd3cf41 i386/squid-2.5.STABLE7-1.FC3.1.i386.rpm

e64308ac878f020f8b49fa878006f110 i386/debug/squid-debuginfo-2.5.STABLE7-1.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com