WBSA-2004:133-01: Updated squid package fixes security vulnerability
Posted on: 04/20/2004 05:25 AM

Updated squid packages has been released for White Box Enterprise Linux 3.0

-----------------------------------------------------------------------
Security Advisory

Synopsis: Updated squid package fixes security vulnerability
Advisory ID: [WBSA-2004:133-01]
Issue date: 2004-04-14
Updated on: 2004-04-19
Product: White Box Enterprise Linux 3.0 (i386)
Keywords: Phishing Spoofing
Cross references:
Obsoletes:
CVE Names: CAN-2004-0189
-----------------------------------------------------------------------

An updated squid package is avaliable that fixes a security vulnerability in URL decoding and provides a new ACL type for protecting vulnerable clients.

More information is available in Red Hat, Inc's original advisory available on their site at:

http://www.redhat.com/archives/enterprise-watch-list/2004-April/msg00000.html

To install this new package on your White Box Enterprise Linux system use the Up2Date Network or Yum.

Note: Be sure to change the default Up2Date or Yum server from the initial location to prevent undue load to the whiteboxlinux.org server, which doesn't have a lot of outbound bandwidth. The config files already have entries for mirror sites commented out.

Up2Date's configuration file is at /etc/sysconfig/rhn/sources

Yum's configuration is in /etc/yum.conf




Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/wbsa_2004133_01_updated_squid_package_fixes_security_vulnerability.html)