About Ubuntu

=========================================================== Ubuntu Security Notice USN-183-1 September 13, 2005 squid vulnerabilities CAN-2005-2794, CAN-2005-2796 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: squid The problem can be corrected by upgrading the affected package to version 2.5.5-6ubuntu0.10 (for Ubuntu 4.10), or 2.5.8-3ubuntu1.3 (for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A Denial of Service vulnerability was discovered in the handling of aborted requests. A remote attacker could exploit this to crash Squid by sending specially crafted requests. (CAN-2005-2794) Alex Masterov discovered a Denial of Service vulnerability in the sslConnectTimeout() function. By sending specially crafted SSL requests, a remote attacker could exploit this to crash Squid. (CAN-2005-2796)