Ubuntu
squid3 package

  1. Bug #907687
  2. Comment #4

Comment 4 for bug 907687

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package squid3 - 3.1.6-1.1ubuntu1.2

---------------
squid3 (3.1.6-1.1ubuntu1.2) maverick-security; urgency=low

  * SECURITY UPDATE: Fix DoS (memory corruption and daemon restart) or possibly
    have unspecified other impact via a long line in a response by remote
    Gopher servers. (LP: #907687)
    - debian/patches/CVE-2011-3205.dpatch: patch derived from upstream.
    - CVE-2011-3205
  * SECURITY UPDATE: Fix DoS (daemon abort) via DNS reply containing a CNAME
    record that references another CNAME record that contains an empty A record.
    - debian/patches/CVE-2011-4096.dpatch
    - CVE-2011-4096
 -- Mahyuddin Susanto <email address hidden> Thu, 22 Dec 2011 21:55:40 +0700