blob: b0965e7f16cc6b4919b4fb75a17471b938b8f815 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
#use wml::debian::translation-check translation="1.2" maintainer=""
#pddp arteek
<define-tag description>ACL bypass</define-tag>
<define-tag moreinfo>
<p>A vulnerability was discovered in squid, an Internet object cache,
whereby access control lists based on URLs could be bypassed
(<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0189">CAN-2004-0189</a>). Two other bugs were also fixed with patches
squid-2.4.STABLE7-url_escape.patch (a buffer overrun which does not
appear to be exploitable) and squid-2.4.STABLE7-url_port.patch (a
potential denial of service).</p>
<p>For the stable distribution (woody) these problems have been fixed in
version 2.4.6-2woody2.</p>
<p>For the unstable distribution (sid) these problems have been fixed in
version 2.5.5-1.</p>
<p>We recommend that you update your squid package.</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/security/2004/dsa-474.data"
|
