Source: squid Version: 2.7.STABLE9-4.1 Severity: important Tags: security upstream patch
Squid 2.x is vulnerable to a DoS attack when parsing Range requests, see the upstream announcement[0]. Luigi, I will upload 2.7.STABLE9-4.1+deb7u1 to wheezy-security today, would you like me to fix unstable as well, or will you take care of extracting the appropriate patch yourself ? Cheers, --Seb [0] http://www.squid-cache.org/Advisories/SQUID-2014_2.txt -- System Information: Debian Release: jessie/sid APT prefers squeeze-lts APT policy: (500, 'squeeze-lts'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
