DSA-2111-1 squid3 -- denial of serviceID: oval:org.secpod.oval:def:600145 | Date: (C)2011-01-28 (M)2022-10-10 |
Class: PATCH | Family: unix |
Phil Oester discovered that squid3, a fully featured Web Proxy cache, is prone to a denial of service attack via a specially crafted request that includes empty strings. For the stable distribution , this problem has been fixed in version 3.0.STABLE8-3+lenny4. For the testing distribution , this problem will be fixed soon. For the unstable distribution , this problem has been fixed in version 3.1.6-1.1. We recommend that you upgrade your squid3 packages.