Google Site SearchFN Site Search FN Blog Login FN Blog Login
Site Navigation:
 
 

Fedora Update

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
This update can be installed with Yum Update Agent; you can type 'yum update' command in the terminal.
This update can also be installed with the Red Hat Update Agent; you can launch the Red Hat Update Agent with the 'up2date' command in the terminal.

[SECURITY] Fedora Core 1 Update: squid-2.5.STABLE3-1.fc1

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-104
2004-04-15
---------------------------------------------------------------------

Name        : squid
Version     : 2.5.STABLE3                      
Release     : 1.fc1                  
Summary     : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

---------------------------------------------------------------------
Update Information:

---------------------------------------------------------------------
* Tue Mar 09 2004 Jay Fenlason  7:2.5.STABLE3-1.fc1

- Backport security fix for %00 hole.  See CAN-2004-0189:            
   The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows
   remote attackers to bypass url_regex ACLs via a URL with a NULL      
   ("%00") characterm, which causes Squid to use only a portion of the
   requested URL when comparing it against the access control lists.  
- Backport security fix that adds urllogin acl type that can be used to
 protect vulnerable Microsoft Internet Explorer clients.

---------------------------------------------------------------------
This update can be downloaded from:
 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

5b3bd9a972398edcacf4801ddc5718a2  SRPMS/squid-2.5.STABLE3-1.fc1.src.rpm
c48dccb3751ed519ac1189c8183540b7  i386/squid-2.5.STABLE3-1.fc1.i386.rpm
9a6eb17ff52b70020252026bb77b9279  i386/debug/squid-debuginfo-2.5.STABLE3-1.fc1.i386.rpm
6754ae8a0898506e7488975f9bb43cca  x86_64/squid-2.5.STABLE3-1.fc1.x86_64.rpm
617e9faefdfc4a3fa1c9018e0ac7787f  x86_64/debug/squid-debuginfo-2.5.STABLE3-1.fc1.x86_64.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------