| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Jan 2005 13:44:16 -0200 From: Conectiva Updates <secure@...ectiva.com.br> To: conectiva-updates@...aleguas.conectiva.com.br, lwn@....net, bugtraq@...urityfocus.com, security-alerts@...uxsecurity.com, linsec@...ts.seifried.org Subject: [CLA-2005:923] Conectiva Security Announcement - squid -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : squid SUMMARY : Fixes for squid vulnerabilities DATE : 2005-01-26 13:41:00 ID : CLA-2005:923 RELEVANT RELEASES : 9, 10 - ------------------------------------------------------------------------- DESCRIPTION Squid[1] is a full-featured web proxy cache. This announcement adds the following patches to Squid: 1.Empty ACLs[2] The meaning of the access controls becomes somewhat confusing if any of the referenced acls is declared empty, without any members. 2.Fakeauth_auth[3] The NTLM fakeauth_auth helper has a memory leak that may cause it to run out of memory under high load, or if it runs for a very long time. Additionally, a malformed NTLM type 3 message could cause a segmentation violation. 3.LDAP spaces[4] LDAP is very forgiving about spaces in search filters and this could be abused to log in using several variants of the login name, possibly bypassing explicit access controls or confusing accounting 4.Non blocking disk[5] O_NONBLOCK on disk files is not is not standardized, and results may be unexpected. Linux now starts to add O_NONBLOCK support on disk files but the implementation is not complete yet and this bites Squid. 5.Gopher html parsing[6] A malicious gopher server may return a response with very long lines that cause a buffer overflow in Squid. 6.WCCP denial of service[7] WCCP_I_SEE_YOU messages contain a 'number of caches' field which should be between 1 and 32. Values outside that range may crash Squid if WCCP is enabled, and if an attacker can spoof UDP packets with the WCCP router's IP address. 7.SNMP core dump[8] If certain malformed SNMP request is received Squid restarts with a Segmentation Fault error. Aditionally, this announcement increases the Squid's initscript timeout for waiting it to stop from 10 seconds to 35 seconds, avoiding problems with stuck connections. SOLUTION It is recommended that all squid users upgrade to the latest packages. This update will automatically restart the service if it is already running. REFERENCES 1.http://squid.nlanr.net/ 2.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls 3.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth 4.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces 5.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-non_blocking_disk 6.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-gopher_html_parsing 7.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_denial_of_service 8.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-SNMP_core_dump UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/10/SRPMS/squid-2.5.5-63116U10_6cl.src.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-2.5.5-63116U10_6cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-auth-2.5.5-63116U10_6cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-extra-templates-2.5.5-63116U10_6cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/SRPMS/squid-2.5.5-25761U90_9cl.src.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-2.5.5-25761U90_9cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-auth-2.5.5-25761U90_9cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-extra-templates-2.5.5-25761U90_9cl.i386.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions regarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en - ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en - ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en - ------------------------------------------------------------------------- Copyright (c) 2004 Conectiva Inc. http://www.conectiva.com - ------------------------------------------------------------------------- subscribe: conectiva-updates-subscribe@...aleguas.conectiva.com.br unsubscribe: conectiva-updates-unsubscribe@...aleguas.conectiva.com.br -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQFB97rO42jd0JmAcZARAqCWAJ4zZ3bYMYqrbbmwxOaP1oVCg3W6tACg3k6U sQB1t8gIRJ1koYueHBDxxKU= =aVJr -----END PGP SIGNATURE-----
Powered by blists - more mailing lists