Steffen Joeris
2009-Feb-04 18:08 UTC
[Secure-testing-team] Bug#514142: squid: denial of service via crafted request
Package: squid Severity: grave Tags: security Justification: user security hole Hi A DoS issue has been reported[0] for squid. So far I cannot see the vulnerable code in the stable release, but it would be nice, if you could check that as well. Lenny seems to be affected and needs fixing. I''ve just build updated packages for testing-security with the upstream patch[1]. On a first glance, the patch looked ok. I''ll need to test the packages and do some further checking, but would appreciate some comments. Cheers Steffen [0]: http://www.squid-cache.org/Advisories/SQUID-2009_1.txt [1]: http://klecker.debian.org/~white/squid/