[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Am I affected by this Squid Advisory ?



Unless they patched it themselves...... who knows?

But 2.5.s5 includes additional NTLM fixes:
http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE5-RELEASENOTES.html

and 2.5.s4 does have some patches for NTLM:
http://www.squid-cache.org/Versions/v2/2.5/bugs/#STABLE4

My suggestion: Install from source, the package maintainers are not always
on the ball.

ed

On Thu, 17 Jun 2004, Ow Mun Heng wrote:

Hi,
	I'm just looking at this.. and I'm wondering how is it that I can
determine whether the package I'm using is affected.

Any rpm command I can use? I'm using squid-2.5-stable4 from
linux-kernel.at


RHSA-2004:242-06 - Updated squid package fixes security vulnerability


  Advisory:    RHSA-2004:242-06
  Last updated on:     2004-06-09
  Affected Products:   Red Hat Desktop (v. 3)
  Red Hat Enterprise Linux AS (v. 3)
  Red Hat Enterprise Linux ES (v. 3)
  Red Hat Enterprise Linux WS (v. 3)
  CVEs (cve.mitre.org):        CAN-2004-0541
  ...

  http://www.zone-h.org/en/advisories/read/id=4797/
--


-- fedora-list mailing list fedora-list redhat com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list


Security on the internet is impossible without strong, open, and unhindered encryption.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]