From Mageia wiki
MGASA-2012-0368
| Date: | December 27th, 2012 |
| Affected releases: | 2 |
Description:
Updated squid packages fix security vulnerability:
Due to missing input validation, the Squid cachemgr.cgi tool in Squid
before 3.1.22 and 3.2.4 is vulnerable to a denial of service attack
when processing specially crafted requests (CVE-2012-5643).
Updated Packages:
squid-3.1.19-4.1.mga2
squid-cachemgr-3.1.19-4.1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643
http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
https://bugs.mageia.org/show_bug.cgi?id=8453
