diff options
author | delphij <delphij@FreeBSD.org> | 2010-02-15 14:29:30 +0800 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2010-02-15 14:29:30 +0800 |
commit | 47e3abbe5e053d66db3b77b58c9bed4a4ec825f3 (patch) | |
tree | f0d7f2f2ec8aad3880c9098e0df134a1f6a36de2 /security | |
parent | 47d6f1c3465539a4ab82fbb84d412ba52668b446 (diff) | |
download | freebsd-ports-gnome-47e3abbe5e053d66db3b77b58c9bed4a4ec825f3.tar.gz freebsd-ports-gnome-47e3abbe5e053d66db3b77b58c9bed4a4ec825f3.tar.zst freebsd-ports-gnome-47e3abbe5e053d66db3b77b58c9bed4a4ec825f3.zip |
Update www/squid and www/squid30 to address Squid HTCP Packet Processing
NULL Pointer Dereference vulnerability (SQUID-2010:2)
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 5dc4c4c4e4da..fcef7e2c8bd4 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,37 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="81d9dc0c-1988-11df-8e66-0019996bc1f7"> + <topic>squid -- Denial of Service vulnerability in HTCP</topic> + <affects> + <package> + <name>squid</name> + <range><ge>2.7.1</ge><lt>2.7.7_4</lt></range> + <range><ge>3.0.1</ge><lt>3.0.24</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Squid security advisory 2010:2 reports:</p> + <blockquote cite="http://www.squid-cache.org/Advisories/SQUID-2010_2.txt"> + <p>Due to incorrect processing Squid is vulnerable to a + denial of service attack when receiving specially crafted + HTCP packets.</p> + <p>This problem allows any machine to perform a denial + of service attack on the Squid service when its HTCP port + is open.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.squid-cache.org/Advisories/SQUID-2010_2.txt</url> + </references> + <dates> + <discovery>2010-02-12</discovery> + <entry>2010-02-14</entry> + </dates> + </vuln> + <vuln vid="ff6519ad-18e5-11df-9bdd-001b2134ef46"> <topic>linux-flashplugin -- multiple vulnerabilities</topic> <affects> |