[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

unsubscrib



> From: fw@deneb.enyo.de
> To: debian-security-announce@lists.debian.org
> Date: Fri, 6 Jan 2012 15:28:52 +0100
> Subject: [SECURITY] [DSA 2381-1] squid3 security update
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - -------------------------------------------------------------------------
> Debian Security Advisory DSA-2381-1 security@debian.org
> http://www.debian.org/security/ Florian Weimer
> January 06, 2012 http://www.debian.org/security/faq
> - -------------------------------------------------------------------------
>
> Package : squid3
> Vulnerability : invalid memory deallocation
> Problem type : remote
> Debian-specific: no
> CVE ID : CVE-2011-4096
>
> It was discovered that the IPv6 support code in Squid does not
> properly handle certain DNS responses, resulting in deallocation of an
> invalid pointer and a daemon crash.
>
> The squid package and the version of squid3 shipped in lenny lack IPv6
> support and are not affected by this issue.
>
> For the stable distribution (squeeze), this problem has been fixed in
> version 3.1.6-1.2+squeeze2.
>
> For the testing distribution (wheezy) and the unstable distribution
> (sid), this problem has been fixed in version 3.1.18-1.
>
> We recommend that you upgrade your squid3 packages.
>
> Further information about Debian Security Advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: http://www.debian.org/security/
>
> Mailing list: debian-security-announce@lists.debian.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iQEcBAEBAgAGBQJPBwcOAAoJEL97/wQC1SS+m9IH/jRWc9kKuku8KXGpihVK5TCB
> boq81hmIlO74Oa9ZSlF3lEAVU4ZqlFtkCnrWxW3ieRP5zK22P/OvMSdM+RxsWu/M
> gFi4gueXBKD2a1wks26c5kVcOaeg2cgz4uBQowdSAkwg+vXR9x2ZGr0Ed4CeMziO
> OqcYiMkfX8/niCV1xCQuF+9QlLD24EFOQpp49elH34aBZmjnhZGNMf1ok2aISydV
> 8/LO4PRYhVjSM1cCqtiVc/6kyCgpCVezluhAsfFhn4+GcslI5/deaf3xlgybH0Mz
> 4WFT6y0U/iHn8SvbzXQAL4c8Q0UiIMSRKBsxiGv+jIDLkaOBL0cd1Sp63/AWptM=
> =7lar
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/878vlkvra3.fsf@mid.deneb.enyo.de
>
Reply to: