Am I affected by this Squid Advisory ?
Ed K.
ed at hp.uab.edu
Thu Jun 17 19:24:09 UTC 2004
Unless they patched it themselves...... who knows?
But 2.5.s5 includes additional NTLM fixes:
http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE5-RELEASENOTES.html
and 2.5.s4 does have some patches for NTLM:
http://www.squid-cache.org/Versions/v2/2.5/bugs/#STABLE4
My suggestion: Install from source, the package maintainers are not always
on the ball.
ed
On Thu, 17 Jun 2004, Ow Mun Heng wrote:
> Hi,
> I'm just looking at this.. and I'm wondering how is it that I can
> determine whether the package I'm using is affected.
>
> Any rpm command I can use? I'm using squid-2.5-stable4 from
> linux-kernel.at
>
>
> RHSA-2004:242-06 - Updated squid package fixes security vulnerability
>
> Advisory: RHSA-2004:242-06
> Last updated on: 2004-06-09
> Affected Products: Red Hat Desktop (v. 3)
> Red Hat Enterprise Linux AS (v. 3)
> Red Hat Enterprise Linux ES (v. 3)
> Red Hat Enterprise Linux WS (v. 3)
> CVEs (cve.mitre.org): CAN-2004-0541
> ...
>
> http://www.zone-h.org/en/advisories/read/id=4797/
> --
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
Security on the internet is impossible without strong, open,
and unhindered encryption.
More information about the fedora-list
mailing list