Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Red Hat: RHSA-2005:060-01 Important: Squid Buffer Overflow

red hat
Calendar Grey February 15, 2005
Dist Redhat Esm H88
Crucial patch released for Squid addresses severe vulnerabilities in Red Hat Enterprise Linux settings and boosts security measures.
An updated Squid package that fixes several security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team...

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

145545 - CAN-2005-0094 Multiple issues with squid (CAN-2005-0095 CAN-2005-0096 CAN-2005-0097) 146161 - CAN-2005-0173 Multiple squid issues (CAN-2005-0174 CAN-2005-0175) 146779 - CAN-2005-0211 Buffer overflow in WCCP recvfrom() call 146785 - CAN-2005-0241 Correct handling of oversized reply headers

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: 7277978921fd67b35f6deeee0cc32273 squid-2.5.STABLE6-3.4E.3.src.rpm

i386: dc2dd466144276fcb01f3bd73a989668 squid-2.5.STABLE6-3.4E.3.i386.rpm

ia64: df80c5246c60f9539bb6bfb1a07ee7b2 squid-2.5.STABLE6-3.4E.3.ia64.rpm

ppc: 7d7514da0ef3c1e1202acbd592bc81b7 squid-2.5.STABLE6-3.4E.3.ppc.rpm

s390: 255a26fb9e66cfdef033a0b5b447d514 squid-2.5.STABLE6-3.4E.3.s390.rpm

s390x: b15467fc7e196cc321c5408258202344 squid-2.5.STABLE6-3.4E.3.s390x.rpm

x86_64: 2cb406db7fc4c97d4f4b33452cae9f15 squid-2.5.STABLE6-3.4E.3.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: 7277978921fd67b35f6deeee0cc32273 squid-2.5.STABLE6-3.4E.3.src.rpm

i386: dc2dd466144276fcb01f3bd73a989668 squid-2.5.STABLE6-3.4E.3.i386.rpm

x86_64: 2cb406db7fc4c97d4f4b33452cae9f15 squid-2.5.STABLE6-3.4E.3.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: 7277978921fd67b35f6deeee0cc32273 squid-2.5.STABLE6-3.4E.3.src.rpm

i386: dc2dd466144276fcb01f3bd73a989668 squid-2.5.STABLE6-3.4E.3.i386.rpm

ia64: df80c5246c60f9539bb6bfb1a07ee7b2 squid-2.5.STABLE6-3.4E.3.ia64.rpm

x86_64: 2cb406db7fc4c97d4f4b33452cae9f15 squid-2.5.STABLE6-3.4E.3.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: 7277978921fd67b35f6deeee0cc32273 squid-2.5.STABLE6-3.4E.3.src.rpm

i386: dc2dd466144276fcb01f3bd73a989668 squid-2.5.STABLE6-3.4E.3.i386.rpm

ia64: df80c5246c60f9539bb6bfb1a07ee7b2 squid-2.5.STABLE6-3.4E.3.ia64.rpm

x86_64: 2cb406db7fc4c97d4f4b33452cae9f15 squid-2.5.STABLE6-3.4E.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

http://www.squid-cache.org/Advisories/SQUID-2005_1.txt http://www.squid-cache.org/Advisories/SQUID-2005_2.txt http://www.squid-cache.org/Advisories/SQUID-2005_3.txt http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces https://www.cve.org/CVERecord?id=CAN-2005-0094 https://www.cve.org/CVERecord?id=CAN-2005-0095 https://www.cve.org/CVERecord?id=CAN-2005-0096 https://www.cve.org/CVERecord?id=CAN-2005-0097 https://www.cve.org/CVERecord?id=CAN-2005-0173 https://www.cve.org/CVERecord?id=CAN-2005-0174 https://www.cve.org/CVERecord?id=CAN-2005-0175 https://www.cve.org/CVERecord?id=CAN-2005-0211 https://www.cve.org/CVERecord?id=CAN-2005-0241

Package List


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2005:060-01
Issue date: 2005-02-15
Updated on: 2005-02-15
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here