Debian Security Advisory
DLA-45-1 squid3 -- LTS security update
- Date Reported:
- 04 Sep 2014
- Affected Packages:
- squid3
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-3609.
- More information:
-
CVE-2014-3609: Denial of Service in Range header processing.
Ignore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid.
For Debian 6
Squeeze
, these issues have been fixed in squid3 version 3.1.6-1.2+squeeze4