[ubuntu/karmic-security] squid_2.7.STABLE6-2ubuntu2.1_sparc_translations.tar.gz (delayed), squid_2.7.STABLE6-2ubuntu2.1_armel_translations.tar.gz, squid_2.7.STABLE6-2ubuntu2.1_lpia_translations.tar.gz, squid, squid_2.7.STABLE6-2ubuntu2.1_i386_translations.tar.gz, squid_2.7.STABLE6-2ubuntu2.1_powerpc_translations.tar.gz, squid_2.7.STABLE6-2ubuntu2.1_ia64_translations.tar.gz, squid_2.7.STABLE6-2ubuntu2.1_amd64_translations.tar.gz 2.7.STABLE6-2ubuntu2.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue Feb 16 15:03:33 GMT 2010 

squid (2.7.STABLE6-2ubuntu2.1) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service via crafted auth header
    - debian/patches/08-CVE-2009-2855.dpatch: correctly parse delimiters in
      src/HttpHeaderTools.c.
    - CVE-2009-2855
  * SECURITY UPDATE: denial of service via crafted DNS packet
    - debian/patches/09-CVE-2010-0308.dpatch: don't abort on error in
      lib/rfc1035.c.
    - CVE-2010-0308

Date: Fri, 12 Feb 2010 12:37:01 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/squid/2.7.STABLE6-2ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Fri, 12 Feb 2010 12:37:01 -0500
Source: squid
Binary: squid squid-common squid-cgi
Architecture: source
Version: 2.7.STABLE6-2ubuntu2.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 squid      - Internet object cache (WWW proxy cache)
 squid-cgi  - Squid cache manager CGI program
 squid-common - Internet object cache (WWW proxy cache) - common files
Changes: 
 squid (2.7.STABLE6-2ubuntu2.1) karmic-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via crafted auth header
     - debian/patches/08-CVE-2009-2855.dpatch: correctly parse delimiters in
       src/HttpHeaderTools.c.
     - CVE-2009-2855
   * SECURITY UPDATE: denial of service via crafted DNS packet
     - debian/patches/09-CVE-2010-0308.dpatch: don't abort on error in
       lib/rfc1035.c.
     - CVE-2010-0308
Checksums-Sha1: 
 f6965182b34ce241f0472921532efdefaa5bd097 1272 squid_2.7.STABLE6-2ubuntu2.1.dsc
 d604d9688ef6935a87d167ee0fb16f8181eb8fac 304537 squid_2.7.STABLE6-2ubuntu2.1.diff.gz
Checksums-Sha256: 
 50f8181fbd1b68acfe5d427bd35f6631138bb83d2dde3c9b1b8d0852cee2bd60 1272 squid_2.7.STABLE6-2ubuntu2.1.dsc
 a937e239aeafb2a55f1617520ef40f48efd8448f4516eda17cc840cf129dc369 304537 squid_2.7.STABLE6-2ubuntu2.1.diff.gz
Files: 
 e220c14c3b7128a5c429a474df9d04a0 1272 web optional squid_2.7.STABLE6-2ubuntu2.1.dsc
 e1bc8245ae44b54b879ac9387f8e5d43 304537 web optional squid_2.7.STABLE6-2ubuntu2.1.diff.gz
Original-Maintainer: Luigi Gangitano <luigi at debian.org>

More information about the Karmic-changes mailing list