Re: Squid Proxy Cache Security Update Advisory SQUID-2002:3
## Patrick Hsieh (pahud@pahud.net):
> http://www.squid-cache.org/Advisories/SQUID-2002_3.txt
> Is there anyone working around this problem?
If you want to have 2.4STABLE7 now on woody or sid, you can get
the source package for 2.4STABLE6 (apt-get source), patch with
the official squid patch
http://www.squid-cache.org/Versions/v2/2.4/diff-2.4.STABLE6-2.4.STABLE7.gz
(which applies nicely to the Debian source), edit debian/control
and debian/changelog to match versions (and maintainer, especially
if you want to gpg-sign your packages) and do a
dpkg-buildpackage -rfakeroot.
If you trust my packages (I wouldn't), you can fetch
http://www.rz.uni-karlsruhe.de/~ry04/debian/squid-cgi_2.4.7-0.1_i386.deb
MD5: 556574692c0875302778dbb6fe3c509f
http://www.rz.uni-karlsruhe.de/~ry04/debian/squid_2.4.7-0.1_i386.deb
MD5: c2c2814e496ab1a669668d71d46b4c9f
http://www.rz.uni-karlsruhe.de/~ry04/debian/squid_2.4.7-0.1_i386.deb
MD5: 690455b981c69415e2edf7ac3d1ecf45
I built those packages this morning (using above procedure) and my
proxy is happily serving requests since a little more than two hours.
"Use at your own risk" and "no warranty" apply as usual and a little
more, because these packages do not come from a trusted source (at
least from your point of view).
Regards,
cmt
--
Spare Space
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: