Fedora 10 Update: squidGuard-1.4-8.fc10
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-10743 2009-10-27 05:00:11 --------...
Summary
Fixes language file issue, but more importantly. . . --------------- squidGuard upstream has released patches fixing (quoting from upstream advisories): a, This patch fixes one buffer overflow problem in sgLog.c when overlong URLs are requested. SquidGuard will then go into emergency mode were no blocking occurs. This is not required in this situation. URL: Downloads/Patches/1.4/Readme.Patch-20091015 ---- b, This patch fixes two bypass problems with URLs which length is close to the limit defined by MAX_BUF (default: 4096) in squidGuard and MAX_URL (default: 4096 in squid 2.x and 8192 in squid 3.x) in squid. For this kind of URLs the proxy request exceeds MAX_BUF causing squidGuard to complain about not being able to parse the squid request. URL: ----
Change Log
References
http://ww25.nntpnews.net/f3468/ports-139844-maintainer-update-www-squidguard-fix-security-vulnerabilities-11997445/ Upstream patches - squidGuard 1.4: ---------------------------------- Upstream advisories: --------------------