Re: Bug#140112: squid: SQUID-2002:2; possibly exploitable segfault in DNS reply parsing.
>>>>> "Tommi" == Tommi Virtanen <tv@debian.org> writes:
Tommi> __________________________________________________________________
Tommi> Squid Proxy Cache Security Update Advisory
Tommi> SQUID-2002:2
Tommi> __________________________________________________________________
How is this exploitable? I know 'possibly exploitable' but is there any theory
how this could be done?
Tommi> DNS Socket created at 0.0.0.0, port 4345, FD 5
Mine say
DNS Socket created on FD 5
But I asume mine is vulnerable (using 2.4.4-1). Is there any backport of the
fix for this release?
--
BATF Saddam Hussein SDI cryptographic genetic Peking Nazi security
jihad ammonium Noriega Delta Force spy Soviet tritium
[See http://www.aclu.org/echelonwatch/index.html for more about this]
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: