lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 6 May 2005 13:01:40 +0200
From: Martin Pitt <>
Subject: [USN-122-1] Squid vulnerability

Ubuntu Security Notice USN-122-1	       May 06, 2005
squid vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:


The problem can be corrected by upgrading the affected package to
version 2.5.5-6ubuntu0.8 (for Ubuntu 4.10), or 2.5.8-3ubuntu1.1 (for
Ubuntu 5.04). In general, a standard system upgrade is sufficient to
effect the necessary changes.

Details follow:

Michael Bhola discovered that errors in the http_access configuration,
in particular missing or invalid ACLs, did not cause a fatal error.
This could lead to wider access permissions than intended by the

Updated packages for Ubuntu 4.10 (Warty Warthog):

  Source archives:
      Size/MD5:   276757 7b26eb2a184679022f464b63e291d19b
      Size/MD5:      652 4da37d1c615d54797cc2028d849105ab
      Size/MD5:  1363967 6c7f3175b5fa04ab5ee68ce752e7b500

  Architecture independent packages:
      Size/MD5:   190936 91e6cd46663089e064b6fb42ace96ac9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:    90378 e9015fbc3c1254c6c2f5bc8ac56efce2
      Size/MD5:   813128 634d42a1725cfc923e35ea8119ffe3d0
      Size/MD5:    71736 fbae0529e868d4134d0ee115ff6638b9

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:    88894 85ec877e990f28574de50c2c63e5f4a4
      Size/MD5:   729090 baed31142f50ab158b623f529611f859
      Size/MD5:    70454 3231efcaf0b8df6e613f25ec5b9346ab

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:    89812 c73f36d8e893f983bf232356706dcc76
      Size/MD5:   796794 1db8a06b33cac36bbc3a629f8a7a3c80
      Size/MD5:    71226 7af865a03317a5a931c4809d9707d3d4

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

  Source archives:
      Size/MD5:   298580 d806b5e84ae924135a6a34b44c1133a5
      Size/MD5:      663 a38a9f433f5823817c26026ce84560c5
      Size/MD5:  1383756 bbc1e77bd175462732fe5f0d822fd160

  Architecture independent packages:
      Size/MD5:   194406 304fe5aae35b6afd0979a9e44637e176

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:    92780 4b4f9585274c29628aa225ad840cec48
      Size/MD5:   821112 c6a2a4efe7b9fa6bc14958034368fca0
      Size/MD5:    75330 6d94993c5922a51d97b7756e025e81bf

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:    91166 6e36aa5eed03be943c4f1d5ecb4b54dc
      Size/MD5:   739882 1c7b570053e84764736c4f4734efa197
      Size/MD5:    73944 7ad8129917311c54a31e6179a152217f

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:    92264 e034c75cf11777603c273f57566d1eaf
      Size/MD5:   809094 c50c0f96eca1fcb05232147749a3336a
      Size/MD5:    74794 a05d17bdd0d44a4bcdcbf8e61a1bddda

Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists