It was discovered that squid3, a high-performance proxy caching server for web clients, is prone to several denial of service attacks. Due to incorrect bounds checking and insufficient validation while processing response and request data an attacker is able to crash the squid daemon via crafted requests or responses. This update to DSA-1843-1 includes updated upstream patches which add checks for a corner-case in which an incomplete server reply could also lead to denial of service conditions as well as more debugging information. The squid package in the oldstable distribution is not affected by this problem. For the stable distribution , this problem has been fixed in version 3.0.STABLE8-3+lenny2. For the testing distribution , this problem will be fixed soon. For the unstable distribution , this problem has been fixed in version 3.0.STABLE18-1. We recommend that you upgrade your squid3 packages.