** Also affects: squid3 (Ubuntu Lucid) Importance: Undecided Status: New
** Also affects: squid3 (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: squid3 (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: squid3 (Ubuntu Natty) Importance: Undecided Status: New ** Changed in: squid3 (Ubuntu) Status: New => Fix Released ** Description changed: Description Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3205 https://bugzilla.redhat.com/show_bug.cgi?id=734583 Patch: http://www.squid- cache.org/Versions/v3/3.0/changesets/squid-3.0-9193.patch + + Fixed in Version: Squid 3.0.STABLE26, 3.1.15, 3.2.0.11 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid3 in Ubuntu. https://bugs.launchpad.net/bugs/907690 Title: CVE-2011-3205: DoS (memory corruption and daemon restart) or remote Gopher servers. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/907690/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs