
Fedora alert FEDORA-2010-14236 (squid)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 12 Update: squid-3.1.8-1.fc12
Date:  Wed, 15 Sep 2010 22:34:52 +0000
Message-ID:  <20100915223452.71CBE111572@bastion02.phx2.fedoraproject.org>

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14236
2010-09-08 01:59:42
--------------------------------------------------------------------------------

Name        : squid
Product     : Fedora 12
Version     : 3.1.8
Release     : 1.fc12
URL         : http://www.squid-cache.org
Summary     : The Squid proxy caching server
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

--------------------------------------------------------------------------------
Update Information:

* Upstream 3.1.8 bugfix release fixing SQUID-2010:3 denial of service issue.
* Drop -fPIE compiler flag which resulted in inconsistent build and SELinux complaints.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Sep 5 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.8-1
- Bug #630445: SQUID-2010:3 Denial of service issue
* Fri Sep 3 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.7-1.fc12.1
- Drop -fPIE compiler flag. Causes selinux complaints after upstream libtool update and was not really effective anyway.
* Tue Aug 24 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.7-1
- Upstream 3.1.7 bugfix release
* Sat Aug 21 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.6-1
- Upstream 3.1.6 bugfix release
- Switch to using system libtool-ltdl
* Thu Jul 15 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.5-2
- Upstream 3.1.5 bugfix release
- Upstream patch for Bug #614665: Squid crashes with ident auth
- Upstream patches for various memory leaks
* Mon May 31 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.4-2
- Correct case-insensitiveness in HTTP list header parsing
* Sun May 30 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.4-1
- Upstream 3.1.4 bugfix release, issues relating to IPv6, TPROXY, Memory management, follow_x_forwarded_for, and stability fixes
* Fri May 14 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.3-2
- Fully fix #548903 - "comm_open: socket failure: (97) Address family not supported by protocol" if IPv6 disabled
- Various IPv6 related issues fixed, making tcp_outgoing_address behave as expected and no commResetFD warnings when using tproxy setups.
* Sun May 2 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.3-1
- Update to 3.1.3 Upstream bugfix release, fixing WCCPv1
* Mon Apr 19 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.1-3
- Bug #583489: Adjust logrotate script to changes in logrotate package.
* Fri Apr 2 2010 Jiri Skala <jskala@redhat.com> - 7:3.1.1-2
- fixes #548903 - "comm_open: socket failure: (97) Address family not supported by protocol" if IPv6 disabled
* Tue Mar 30 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.1-1
- Update to 3.1.1 Squid bug #2827 crash with assertion failed: FilledChecklist.cc:90: "conn() != NULL" under high load.
* Mon Mar 15 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.18-1
- Upgrade to 3.1.0.18 fixing Digest authentication and improved HTTP/1.1 support
* Sun Feb 28 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.17-3
- Bug 569120, fails to open unbound ipv4 listening sockets
* Thu Feb 25 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.17-2
- Upgrade to 3.1.0.17
* Mon Feb 15 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.16-6
- Patch for Squid security advisory SQUID-2010:2, denial of service issue in HTCP processing (CVE-2010-0639)
* Sun Feb 7 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.16-5
- Rebuild 3.1.0.16 with corrected upstream release.
* Sat Feb 6 2010 Jiri Skala <jskala@redhat.com> - 7:3.1.0.16-4
- fixes assertion during start up
* Mon Feb 1 2010 Henrik Nordstrom <henrik@henriknordstrom.net> 7:3.1.0.16-3
- Upgrade to 3.1.0.16 for DNS related DoS fix (Squid-2010:1)
* Sat Jan 9 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.15-3
- fixed #551302 PROXY needs libcap. Also increases security a little.
- merged relevant upstream bugfixes waiting for next 3.1 release
* Mon Nov 23 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.15-2
- Update to 3.1.0.15 with a number of bugfixes and a workaround for ICEcast/SHOUTcast streams.
* Mon Nov 23 2009 Jiri Skala <jskala@redhat.com> 7:3.1.0.14-2
- fixed #532930 Syntactic error in /etc/init.d/squid
- fixed #528453 cannot initialize cache_dir with user specified config file
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #630444 - Squid: Denial of service due internal error in string handling (SQUID-2010:3)
        https://bugzilla.redhat.com/show_bug.cgi?id=630444
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update squid' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...

