Ubuntu Security Notice USN-183-1
13th September, 2005
squid vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 5.04
- Ubuntu 4.10
Details
A Denial of Service vulnerability was discovered in the handling of
aborted requests. A remote attacker could exploit this to crash Squid
by sending specially crafted requests. (CAN-2005-2794)
Alex Masterov discovered a Denial of Service vulnerability in the
sslConnectTimeout() function. By sending specially crafted SSL
requests, a remote attacker could exploit this to crash Squid.
(CAN-2005-2796)
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 5.04:
- squid
- Ubuntu 4.10:
- squid
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None