[UCI-Linux] [SECURITY] Fedora Core 2 Update: squid-2.5.STABLE7-1.FC2.1

Mike Iglesias IGLESIAS at uci.edu
Tue Feb 1 19:05:26 PST 2005

From: Jay Fenlason <fenlason at redhat.com>
To: fedora-announce-list at redhat.com
Date: Tue, 1 Feb 2005 21:47:33 -0500
Subject: [SECURITY] Fedora Core 2 Update: squid-2.5.STABLE7-1.FC2.1

Many security holes in Squid are closed by this update.  If you run
Squid, you should upgrade.

Fedora Update Notification

Product     : Fedora Core 2
Name        : squid
Version     : 2.5.STABLE7                      
Release     : 1.FC2.1                  
Summary     : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.


* Tue Feb 01 2005 Jay Fenlason <fenlason at redhat.com> 7:2.5.STABLE7-1.FC2.1

- Add more upstream patches, including fixes for 
  bz#146783  Correct handling of oversized reply headers
  bz#146778  CAN-2005-0211 Buffer overflow in WCCP recvfrom() call

* Thu Jan 20 2005 Jay Fenlason <fenlason at redhat.com> 7:2.5.STABLE7-1.FC2

- Upgrade to 2.5.STABLE7 and 18 upstream patches.
- This includes fixes for CAN-2005-0094 CAN-2005-0095 CAN-2004-0096
  and CAN-2004-0097.  This closes bz#145543 and bz#141938
- This obsoletes Ulrich Drepper's -nonbl patch.
- Add a triggerin on samba-common to make /var/cache/samba/winbindd_privileged
  accessable so that ntlm_auth will work.
  This fixes bz#103726

* Mon Oct 18 2004 Jay Fenlason <fenlason at redhat.com> 7:2.5.STABLE6-3

- include patch from Ulrich Drepper <drepper at redhat.com> to stop
  problems with O_NONBLOCK.  This closes #136049

This update can be downloaded from:

2d9d0ffe41d21349bff23bf24bb676f7  SRPMS/squid-2.5.STABLE7-1.FC2.1.src.rpm
f49233765b306a7c62743a50e26d5d01  x86_64/squid-2.5.STABLE7-1.FC2.1.x86_64.rpm
4a6b39871c52d57635db8882273954a8  x86_64/debug/squid-debuginfo-2.5.STABLE7-1.FC2.1.x86_64.rpm
9168e1536b498db053ff69441a9e2107  i386/squid-2.5.STABLE7-1.FC2.1.i386.rpm
6d382f419ed3ae047d57eaf13f1223ad  i386/debug/squid-debuginfo-2.5.STABLE7-1.FC2.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

fedora-announce-list mailing list
fedora-announce-list at redhat.com

More information about the UCI-Linux mailing list