Re: Bug#140112: squid: SQUID-2002:2; possibly exploitable segfault in DNS reply parsing.
In article <[🔎] 87ofha5fqi.fsf@papadoc.bayour.com>,
Turbo Fredriksson <turbo@debian.org> wrote:
>>>>>> "Tommi" == Tommi Virtanen <tv@debian.org> writes:
>
> Tommi> __________________________________________________________________
> Tommi> Squid Proxy Cache Security Update Advisory
> Tommi> SQUID-2002:2
> Tommi> __________________________________________________________________
>
>But I asume mine is vulnerable (using 2.4.4-1). Is there any backport of the
>fix for this release?
2.4.6-1 has been uploaded to the archives a few days ago - but I can't
find it anywhere anymore. It's either stuck somewhere due to the
crypto-in-main transition, or it got lost ..
But I did upload it, witness:
% dupload --to master squid_2.4.6-1_i386.changes
Uploading (scpb) to ftp-master.debian.org:/org/ftp.debian.org/incoming/
[ job squid_2.4.6-1_i386 from squid_2.4.6-1_i386.changes New dpkg-dev, announcement will NOT be sent
squid_2.4.6.orig.tar.gz, md5sum ok, already done for master
squid_2.4.6-1.diff.gz, md5sum ok, already done for master
squid_2.4.6-1.dsc, md5sum ok, already done for master
squidclient_2.4.6-1_i386.deb, md5sum ok, already done for master
squid-cgi_2.4.6-1_i386.deb, md5sum ok, already done for master
squid_2.4.6-1_i386.deb, md5sum ok, already done for master
squid_2.4.6-1_i386.changes ok, already done for master ]
Nothing to upload
%
Mike.
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: