GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Wed Oct 26, 2011 9:26 pm Post subject: [ GLSA 201110-24 ] Squid: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: Squid: Multiple vulnerabilities (GLSA 201110-24)
Severity: high
Exploitable: remote
Date: October 26, 2011
Bug(s): #279379, #279380, #301828, #334263, #381065, #386215
ID: 201110-24
Synopsis
Multiple vulnerabilities were found in Squid allowing attackers to
execute arbitrary code or cause a Denial of Service.
Background
Squid is a full-featured web proxy cache.
Affected Packages
Package: net-proxy/squid
Vulnerable: < 3.1.15
Unaffected: >= 3.1.15
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Squid. Please review
the CVE identifiers referenced below for details.
Impact
Remote unauthenticated attackers may be able to execute arbitrary code
with the privileges of the Squid process or cause a Denial of Service.
Workaround
There is no known workaround at this time.
Resolution
All squid users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-proxy/squid-3.1.15"
|
NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since September 4, 2011. It is likely that your system is
already no longer affected by this issue.
References
CVE-2009-2621
CVE-2009-2622
CVE-2009-2855
CVE-2010-0308
CVE-2010-0639
CVE-2010-2951
CVE-2010-3072
CVE-2011-3205 |
|
News & Announcements
