[SECURITY] Fedora Core 2 Update: squid-2.5.STABLE7-1.FC2.1

Jay Fenlason fenlason at redhat.com
Wed Feb 2 02:47:33 UTC 2005 

Many security holes in Squid are closed by this update.  If you run
Squid, you should upgrade.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-105
2005-02-01
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : squid
Version     : 2.5.STABLE7                      
Release     : 1.FC2.1                  
Summary     : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

---------------------------------------------------------------------

* Tue Feb 01 2005 Jay Fenlason <fenlason at redhat.com> 7:2.5.STABLE7-1.FC2.1

- Add more upstream patches, including fixes for 
  bz#146783  Correct handling of oversized reply headers
  bz#146778  CAN-2005-0211 Buffer overflow in WCCP recvfrom() call

* Thu Jan 20 2005 Jay Fenlason <fenlason at redhat.com> 7:2.5.STABLE7-1.FC2

- Upgrade to 2.5.STABLE7 and 18 upstream patches.
- This includes fixes for CAN-2005-0094 CAN-2005-0095 CAN-2004-0096
  and CAN-2004-0097.  This closes bz#145543 and bz#141938
- This obsoletes Ulrich Drepper's -nonbl patch.
- Add a triggerin on samba-common to make /var/cache/samba/winbindd_privileged
  accessable so that ntlm_auth will work.
  This fixes bz#103726

* Mon Oct 18 2004 Jay Fenlason <fenlason at redhat.com> 7:2.5.STABLE6-3

- include patch from Ulrich Drepper <drepper at redhat.com> to stop
  problems with O_NONBLOCK.  This closes #136049


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

2d9d0ffe41d21349bff23bf24bb676f7  SRPMS/squid-2.5.STABLE7-1.FC2.1.src.rpm
f49233765b306a7c62743a50e26d5d01  x86_64/squid-2.5.STABLE7-1.FC2.1.x86_64.rpm
4a6b39871c52d57635db8882273954a8  x86_64/debug/squid-debuginfo-2.5.STABLE7-1.FC2.1.x86_64.rpm
9168e1536b498db053ff69441a9e2107  i386/squid-2.5.STABLE7-1.FC2.1.i386.rpm
6d382f419ed3ae047d57eaf13f1223ad  i386/debug/squid-debuginfo-2.5.STABLE7-1.FC2.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

More information about the announce mailing list