Package: squid3 Severity: grave Tags: security Hi, 3.1.7 fixes a security issue: http://marc.info/?l=squid-users&m=128263555724981&w=2
> One regression introduced with 3.1.6 when contacting IPv4-only DNS > resolvers opens a small but exploitable DoS vulnerability. All users of > Squid-3.1.6 are urged to upgrade to this release as soon as possible. This has been assigned CVE-2010-2951. Lenny is not affected. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Versions of packages squid3 depends on: ii adduser 3.112 add and remove users and groups ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib pn libdb4.6 <none> (no description available) ii libgcc1 1:4.4.4-9 GCC support library ii libldap-2.4-2 2.4.23-3 OpenLDAP libraries ii libpam0g 1.1.1-4 Pluggable Authentication Modules l ii libsasl2-2 2.1.23.dfsg1-5.1 Cyrus SASL - authentication abstra ii libstdc++6 4.4.4-9 The GNU Standard C++ Library v3 ii logrotate 3.7.8-6 Log rotation utility ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip ii netbase 4.42 Basic TCP/IP networking system pn squid3-common <none> (no description available) squid3 recommends no packages. Versions of packages squid3 suggests: pn resolvconf <none> (no description available) pn smbclient <none> (no description available) pn squid3-cgi <none> (no description available) pn squidclient <none> (no description available) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org