[SECURITY] Fedora 8 Update: squid-2.6.STABLE19-1.fc8

updates at fedoraproject.org updates at fedoraproject.org
Tue Apr 29 20:53:41 UTC 2008

Fedora Update Notification
2008-04-29 20:23:33

Name        : squid
Product     : Fedora 8
Version     : 2.6.STABLE19
Release     : 1.fc8
URL         : http://www.squid-cache.org
Summary     : The Squid proxy caching server
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

Update Information:

This update fix a regression introduced in Squid security advisory SQUID-2007:2.
Attacker could use this flaw to cause exit of squid child process, interrupting
proxied connections and causing temporary denial of service. (CVE-2008-1612,

* Tue Mar 25 2008 Martin Nagy <mnagy at redhat.com> - 2.6.STABLE19-1
- upgrade to latest upstream 2.6.STABLE19
* Tue Mar 11 2008 Martin Nagy <mnagy at redhat.com> - 2.6.STABLE17-2
- set default of cache_effective_group to none (#252197)
* Thu Dec  6 2007 Martin Nagy <mnagy at redhat.com> - 2.6.STABLE17-1
- upgrade to latest upstream 2.6.STABLE17
* Mon Nov 12 2007 Martin Bacovsky <mbacovsk at redhat.com> - 7:2.6.STABLE16-3
- squid is compiled wirh arp acls support (--enable-arp-acl)

This update can be installed with the "yum" update program.  Use 
su -c 'yum update squid' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the Fedora-package-announce mailing list