[Bug 907687] Re: CVE-2010-0639: DoS (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port
Launchpad Bug Tracker
907687 at bugs.launchpad.net
Tue Jan 17 16:34:01 UTC 2012
This bug was fixed in the package squid3 - 3.1.14-1ubuntu0.1
---------------
squid3 (3.1.14-1ubuntu0.1) oneiric-security; urgency=low
* SECURITY UPDATE: Fix DoS (memory corruption and daemon restart) or possibly
have unspecified other impact via a long line in a response by remote
Gopher servers. (LP: #907687)
- debian/patches/CVE-2011-3205.dpatch: patch derived from upstream.
- CVE-2011-3205
* SECURITY UPDATE: Fix DoS (daemon abort) via DNS reply containing a CNAME
record that references another CNAME record that contains an empty A record.
- debian/patches/CVE-2011-4096.dpatch
- CVE-2011-4096
-- Mahyuddin Susanto <udienz at ubuntu.com> Thu, 22 Dec 2011 21:51:38 +0700
** Changed in: squid3 (Ubuntu Oneiric)
Status: Invalid => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3205
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-4096
** Changed in: squid3 (Ubuntu Natty)
Status: Invalid => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/907687
Title:
CVE-2010-0639: DoS (NULL pointer dereference and daemon crash) via
crafted packets to the HTCP port
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/907687/+subscriptions
More information about the Ubuntu-server-bugs
mailing list