From Mageia wiki
Revision as of 21:47, 27 December 2012 by Tmb (talk | contribs) (Created page with "== MGASA-2012-0368 == {| |'''Date:''' |December 27th, 2012 |- |'''Affected releases:''' |2 |} '''Description:'''<br/> Updated squid packages fix security vulnerability:<br/> ...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

MGASA-2012-0368

Date: December 27th, 2012
Affected releases: 2


Description:
Updated squid packages fix security vulnerability:

Due to missing input validation, the Squid cachemgr.cgi tool in Squid
before 3.1.22 and 3.2.4 is vulnerable to a denial of service attack
when processing specially crafted requests (CVE-2012-5643).


Updated Packages:
squid-3.1.19-4.1.mga2
squid-cachemgr-3.1.19-4.1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643
http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
https://bugs.mageia.org/show_bug.cgi?id=8453