Fedora Core 2: FEDORA-2004-330 Critical DoS Threat Update for Squid

Squid is a high-performance proxy caching server for Web clients,

supporting FTP, gopher, and HTTP data objects. Unlike traditional

caching software, Squid handles all requests in a single,

non-blocking, I/O-driven process. Squid keeps meta data and especially

hot objects cached in RAM, caches DNS lookups, supports non-blocking

DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System

lookup program (dnsserver), a program for retrieving FTP data

(ftpget), and some management and client tools.

This update fixes a potential DoS against squid that was reported by

Secunia. See

About Secunia Research | Flexera

for details.

* Fri Oct 01 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE3-4.fc2.1

* Fri Oct 01 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE3-4.fc2.1

- Modify the entry for /etc/squid.conf in this spec file to set the

permissions to 640 owned by root:squid. This will protect passwords

stored in the file from prying eyes, and close #125007

- Include the -proxy-abuse patch, which closes #133970

This update can be downloaded from:

7419c4a407998180020030c89f44fc87 SRPMS/squid-2.5.STABLE5-4.fc2.1.src.rpm

e2a0f29bbdbe44cff75f0ba644a7fbba x86_64/squid-2.5.STABLE5-4.fc2.1.x86_64.rpm

4cb91edbca411b00aef3008920ae9714 x86_64/debug/squid-debuginfo-2.5.STABLE5-4.fc2.1.x86_64.rpm

730574b7d98c1c77b33529591989f191 i386/squid-2.5.STABLE5-4.fc2.1.i386.rpm

a7a7f22361580f62f166ace5b5bc3316 i386/debug/squid-debuginfo-2.5.STABLE5-4.fc2.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

--

fedora-announce-list mailing list

fedora-announce-list@redhat.com

fedora-announce-list Info Page