USN-111-1: Squid vulnerability
Posted on: 04/14/2005 06:21 AM

A Squid security update is available for Ubuntu Linux 4.10

Ubuntu Security Notice USN-111-1 April 14, 2005
squid vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:


The problem can be corrected by upgrading the affected package to version 2.5.5-6ubuntu0.7. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

A remote Denial of Service vulnerability has been discovered in Squid. If the remote end aborted the connection during a PUT or POST request, Squid tried to free an already freed part of memory, which eventually caused the server to crash.

Source archives:
Size/MD5: 275491 d294a0441d7e2de0da9341eace2c7e73
Size/MD5: 652 1816d94b51dc62c5377504600fe84b91
Size/MD5: 1363967 6c7f3175b5fa04ab5ee68ce752e7b500

Architecture independent packages:
Size/MD5: 190750 ff6a2988ea2399fcaa916ae5c39323e1

amd64 architecture (Athlon64, Opteron, EM64T Xeon)
Size/MD5: 90162 64c8782355756f2dc21a2a4bd405f512
Size/MD5: 812954 b2d4e53f212ce58fd33e650dd2b5014a
Size/MD5: 71526 1ce2d80bda1f61c56b1541fd3eda4e77

i386 architecture (x86 compatible Intel/AMD)
Size/MD5: 88692 67b6ed2744f38d3e0033445f7ddd30e2
Size/MD5: 728956 0383caf202387afd18855a77f7a349a0
Size/MD5: 70260 5765c384fdaa1bb4c172f5bb2ecf2bc8

powerpc architecture (Apple Macintosh G3/G4/G5)
Size/MD5: 89612 7c28105327bf3fc664d4a679e231625f
Size/MD5: 796392 70e394cace6837edc6643ddd33916d45
Size/MD5: 71030 edc5b5f6f79e958bb701ba4f4fb9c19d

Printed from Linux Compatible (