Mandriva Linux Security Advisory: 2009:161-1: squid

55

Multiple vulnerabilities has been found and corrected in squid:

Due to incorrect buffer limits and related bound checks Squid is
vulnerable to a denial of service attack when processing specially
crafted requests or responses (CVE-2009-2621).

Due to incorrect data validation Squid is vulnerable to a denial
of service attack when processing specially crafted responses
(CVE-2009-2622).

This update provides fixes for these vulnerabilities.

Update:

Additional upstream security patches were applied:

Debug warnings fills up the logs.

Upstream Bug 2728: regression: assertion failed: http.cc:705: !eof

Read More