[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#140112: squid: SQUID-2002:2; possibly exploitable segfault in DNS reply parsing.

>>>>> "Tommi" == Tommi Virtanen <tv@debian.org> writes:

    Tommi> __________________________________________________________________
    Tommi>       Squid Proxy Cache Security Update Advisory
    Tommi> SQUID-2002:2
    Tommi> __________________________________________________________________

How is this exploitable? I know 'possibly exploitable' but is there any theory
how this could be done?

    Tommi>    DNS Socket created at, port 4345, FD 5

Mine say

        DNS Socket created on FD 5

But I asume mine is vulnerable (using 2.4.4-1). Is there any backport of the
fix for this release?
BATF Saddam Hussein SDI cryptographic genetic Peking Nazi security
jihad ammonium Noriega Delta Force spy Soviet tritium
[See http://www.aclu.org/echelonwatch/index.html for more about this]

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: