| Red Hat, Inc. Security
Advisory |
||
| Package | squid | |
| Synopsis | Potential misuse of squid cachemgr.cgi | |
| Advisory ID | RHSA-1999:025-01 | |
| Issue Date | 1999-07-29 | |
| Keywords | squid cachemgr.cgi connect | |
|
1. Topic:
2. Bug IDs fixed:
3. Relevant releases/architectures:
4. Obsoleted by:
5. Conflicts with:
6. RPMs required: Intel:
squid-
2.2.STABLE4-5.i386.rpm Alpha:
squid-2.2.STABLE4-5.alpha.rpm SPARC:
squid-2.2.STABLE4-5.sparc.rpm Source:
squid- 2.2.STABLE4-5.src.rpm
7. Problem description:
8. Solution: rpm -Uvh filename where filename is the name of the RPM. Alternatively, you can simply disable the cachemgr.cgi, by editing your http daemons access control files or deleting/moving the cachemgr.cgi binary. After installing the rpm, please restart squid by typing: /etc/rc.d/init.d/squid restart
9. Verification: MD5 sum Package Name ------------------------------------------------------------------------- 80d527634fc8d8d2029532a628b3d924 squid-2.2.STABLE4-5.i386.rpm 65d18747148d7e3dae4249fe65c18c6b squid-2.2.STABLE4-5.alpha.rpm 734f84b949752fe39b5e58555210ff51 squid-2.2.STABLE4-5.sparc.rpm 02a93b0b1985f8d5c77eb8f3e8981eeb squid-2.2.STABLE4-5.src.rpmThese packages are also PGP signed by Red Hat Inc. for security. Our key is available at:
You can verify each package with the following command:
rpm --checksig
If you only wish to verify that each package has not been corrupted o
tampered with, examine only the md5sum with the following command:
rpm --checksig --nopgp
10. References: |
||
For each RPM for your particular architecture, run:
rpm -Uvh filename
where filename is the name of the RPM.
Alternatively, you can simply disable the cachemgr.cgi,
by editing your http daemons access control files or
deleting/moving the cachemgr.cgi binary.
After installing the rpm, please restart squid by typing:
/etc/rc.d/init.d/squid restart
9. Verification:
MD5 sum Package Name
80d527634fc8d8d2029532a628b3d924 squid-2.2.STABLE4-5.i386.rpm
65d18747148d7e3dae4249fe65c18c6b squid-2.2.STABLE4-5.alpha.rpm
734f84b949752fe39b5e58555210ff51 squid-2.2.STABLE4-5.sparc.rpm
02a93b0b1985f8d5c77eb8f3e8981eeb squid-2.2.STABLE4-5.src.rpm
These packages are also PGP signed by Red Hat Inc. for security. Our
key is available at:
You can verify each package with the following command:
rpm --checksig
If you only wish to verify that each package has not been corrupted o
tampered with, examine only the md5sum with the following command:
rpm --checksig --nopgp
Red Hat Linux 6.0, all architectures
4. Obsoleted by:
None
5. Conflicts with:
None
6. RPMs required:
Intel:
squid-
2.2.STABLE4-5.i386.rpm
Alpha:
squid-2.2.STABLE4-5.alpha.rpm
SPARC:
squid-2.2.STABLE4-5.sparc.rpm
Source:
squid-
2.2.STABLE4-5.src.rpm
Get the latest Linux and open source security news straight to your inbox.