Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Scientific Linux: CVE-2007-6239 Moderate: Squid Denial of Service Threat

Scientific Large Esm H446
Moderate: squid security update
Date: Wed, 19 Dec 2007 15:17:44 -0600
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA for squid on SL5.x, SL4.x, SL3,x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."
 

Synopsis:	Moderate: squid security update
Issue date:	2007-12-18
CVE Names:	CVE-2007-6239

A flaw was found in the way squid stored HTTP headers for cached objects
in system memory. An attacker could cause squid to use additional memory,
and trigger high CPU usage when processing requests for certain cached
objects, possibly leading to a denial of service. (CVE-2007-6239)

SL 3.0.x

 SRPMS:
squid-2.5.STABLE3-8.3E.src.rpm
 i386:
squid-2.5.STABLE3-8.3E.i386.rpm
 x86_64:
squid-2.5.STABLE3-8.3E.x86_64.rpm

SL 4.x

 SRPMS:
squid-2.5.STABLE14-1.4E.el4_6.1.src.rpm
 i386:
squid-2.5.STABLE14-1.4E.el4_6.1.i386.rpm
 x86_64:
squid-2.5.STABLE14-1.4E.el4.1.x86_64.rpm

SL 5.x

 SRPMS:
squid-2.6.STABLE6-5.el5_1.2.src.rpm
 i386:
squid-2.6.STABLE6-5.el5_1.2.i386.rpm
 x86_64:
squid-2.6.STABLE6-5.el5_1.2.x86_64.rpm

-Connie Sieh
-Troy Dawson