---------------------------------------------------------------------Fedora Update Notification
FEDORA-2005-373
2005-05-17
---------------------------------------------------------------------Product     : Fedora Core 3
Name        : squid
Version     : 2.5.STABLE9                      
Release     : 1.FC3.6                  
Summary     : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

---------------------------------------------------------------------* Mon May 16 2005 Jay Fenlason  7:2.5.STABLE9-1.FC3.6

- More upstream patches, including ones for
  bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks
  bz#156162 CVE-1999-0710 cachemgr.cgi access control bypass

- The following bugs had already been fixed, but the announcements were lost
  bz#156711 CAN-2005-1390 HTTP Request Smuggling Vulnerabilities
  bz#156703 CAN-2005-1389 HTTP Response Splitting Vulnerabilities
  (Both fixed by squid-7:2.5.STABLE8-1.FC3.1)
  bz#151419 Unexpected access control results on configuration errors
  (Fixed by 7:2.5.STABLE9-1.FC3.2)
  bz#152647#squid-2.5.STABLE9-1.FC3.4.x86_64.rpm is broken
  (fixed by 7:2.5.STABLE9-1.FC3.5)
  bz#141938 squid ldap authentification broken
  (Fixed by 7:2.5.STABLE7-1.FC3)

* Fri Apr  1 2005 Jay Fenlason  7:2.5.STABLE9-1.FC3.5

- More upstream patches, including a new version of the -2GB patch
  that doesn't break diskd.


---------------------------------------------------------------------This update can be downloaded from:
  
c94ce8b9fc2ae09b867fa73a4036901b  SRPMS/squid-2.5.STABLE9-1.FC3.6.src.rpm
6862c9189f1686280b95a31501ce5283  x86_64/squid-2.5.STABLE9-1.FC3.6.x86_64.rpm
5e96af43a684836da7e88279a5643b1a  x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.x86_64.rpm
81f8f55caf7f423054356ae57c2d02f9  i386/squid-2.5.STABLE9-1.FC3.6.i386.rpm
e912773d9f9889686a70debe1c1146c8  i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
-----------------------------------------------------------------------fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora Core 3 Update: squid-2.5.STABLE9-1.FC3.6

May 17, 2005
Updated package.

Summary

Squid is a high-performance proxy caching server for Web clients,

supporting FTP, gopher, and HTTP data objects. Unlike traditional

caching software, Squid handles all requests in a single,

non-blocking, I/O-driven process. Squid keeps meta data and especially

hot objects cached in RAM, caches DNS lookups, supports non-blocking

DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System

lookup program (dnsserver), a program for retrieving FTP data

(ftpget), and some management and client tools.

- More upstream patches, including ones for

bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks

bz#156162 CVE-1999-0710 cachemgr.cgi access control bypass

- The following bugs had already been fixed, but the announcements were lost

bz#156711 CAN-2005-1390 HTTP Request Smuggling Vulnerabilities

bz#156703 CAN-2005-1389 HTTP Response Splitting Vulnerabilities

(Both fixed by squid-7:2.5.STABLE8-1.FC3.1)

bz#151419 Unexpected access control results on configuration errors

(Fixed by 7:2.5.STABLE9-1.FC3.2)

bz#152647#squid-2.5.STABLE9-1.FC3.4.x86_64.rpm is broken

(fixed by 7:2.5.STABLE9-1.FC3.5)

bz#141938 squid ldap authentification broken

(Fixed by 7:2.5.STABLE7-1.FC3)

* Fri Apr 1 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.5

- More upstream patches, including a new version of the -2GB patch

that doesn't break diskd.

c94ce8b9fc2ae09b867fa73a4036901b SRPMS/squid-2.5.STABLE9-1.FC3.6.src.rpm

6862c9189f1686280b95a31501ce5283 x86_64/squid-2.5.STABLE9-1.FC3.6.x86_64.rpm

5e96af43a684836da7e88279a5643b1a x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.x86_64.rpm

81f8f55caf7f423054356ae57c2d02f9 i386/squid-2.5.STABLE9-1.FC3.6.i386.rpm

e912773d9f9889686a70debe1c1146c8 i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-announce-list

FEDORA-2005-373 2005-05-17 Name : squid Version : 2.5.STABLE9 Release : 1.FC3.6 Summary : The Squid proxy caching server. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. - More upstream patches, including ones for bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks bz#156162 CVE-1999-0710 cachemgr.cgi access control bypass - The following bugs had already been fixed, but the announcements were lost bz#156711 CAN-2005-1390 HTTP Request Smuggling Vulnerabilities bz#156703 CAN-2005-1389 HTTP Response Splitting Vulnerabilities (Both fixed by squid-7:2.5.STABLE8-1.FC3.1) bz#151419 Unexpected access control results on configuration errors (Fixed by 7:2.5.STABLE9-1.FC3.2) bz#152647#squid-2.5.STABLE9-1.FC3.4.x86_64.rpm is broken (fixed by 7:2.5.STABLE9-1.FC3.5) bz#141938 squid ldap authentification broken (Fixed by 7:2.5.STABLE7-1.FC3) * Fri Apr 1 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.5 - More upstream patches, including a new version of the -2GB patch that doesn't break diskd. c94ce8b9fc2ae09b867fa73a4036901b SRPMS/squid-2.5.STABLE9-1.FC3.6.src.rpm 6862c9189f1686280b95a31501ce5283 x86_64/squid-2.5.STABLE9-1.FC3.6.x86_64.rpm 5e96af43a684836da7e88279a5643b1a x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.x86_64.rpm 81f8f55caf7f423054356ae57c2d02f9 i386/squid-2.5.STABLE9-1.FC3.6.i386.rpm e912773d9f9889686a70debe1c1146c8 i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list

Change Log

References

Update Instructions

Severity
Name : squid
Version : 2.5.STABLE9
Release : 1.FC3.6
Summary : The Squid proxy caching server.

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved