From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1991-1                  [email protected]
http://www.debian.org/security/                           Steffen Joeris
February 04, 2010                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : squid/squid3
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE Ids : CVE-2009-2855 CVE-2010-0308
Debian Bug : 534982

Two denial of service vulnerabilities have been discovered in
squid and squid3, a web proxy. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2009-2855

  Bastian Blank discovered that it is possible to cause a denial of
  service via a crafted auth header with certain comma delimiters.

CVE-2010-0308

  Tomas Hoger discovered that it is possible to cause a denial of service
  via invalid DNS header-only packets.

For the stable distribution (lenny), these problems have been fixed in
version 2.7.STABLE3-4.1lenny1 of the squid package and version
3.0.STABLE8-3+lenny3 of the squid3 package.

For the oldstable distribution (etch), these problems have been fixed in
version 2.6.5-6etch5 of the squid package and version 3.0.PRE5-5+etch2
of the squid3 package.

For the testing distribution (squeeze) and the unstable distribution
(sid), these problems will be fixed soon.

We recommend that you upgrade your squid/squid3 packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
[continued in next message]