[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 3327-1] squid3 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3327-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 03, 2015                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : squid3
CVE ID         : CVE-2015-5400
Debian Bug     : 793128

Alex Rousskov of The Measurement Factory discovered that Squid3, a fully
featured web proxy cache, does not correctly handle CONNECT method peer
responses when configured with cache_peer and operating on explicit
proxy traffic. This could allow remote clients to gain unrestricted
access through a gateway proxy to its backend proxy.

For the oldstable distribution (wheezy), this problem has been fixed
in version 3.1.20-2.2+deb7u3.

For the stable distribution (jessie), this problem has been fixed in
version 3.4.8-6+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 3.5.6-1.

We recommend that you upgrade your squid3 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVv86kAAoJEAVMuPMTQ89EKdMP/3uVJrVDZAMdx7BNfQn9G+Pr
JkbXtWxwatbzvzErfWWEBBcom8muODusQ8z6qhjdArLwJ3UILdHpw1gYK7wn8HDR
F+/5VsvgclleVBfYPjvG24Uw7imWiD0Squfl2NVQDATdBv85gmQiiF8O0akSa0vc
VD30k/HbB4zc/OvmXiPV+vLNGbbpfWDbcLUuEjEHcEtK/VavVySvwfaDGAclwcJT
1L0Yy/c1grYcrdj5P/JmkSItB9x0+RLTwMfU4Q+dj7DAOKDSEgD/3umogb22S8rj
rn+JcIC7fxWZhQIZb/Q4+ZiePE27nk2hFICE1szkUtd55xSWt6rDtESuhWOkXBPG
NGL65xuQ35rai46X3jJ6XOLt22DORj4o/PpHrDk7ftInHfhPRxzL8rlV6xgfK+7M
Kxj1XOcUE+PyXe7vpzUb4XioO5e6EiJVpIUDLErMeccUFB3Dy6tHBiwkn7iXPu/b
jKt+gH8qVQgQKTgs2qI/ygnAYhU06ifnDRMfP06YaVHVjFE6h0zxYtvoMOjqFo5K
7jS95J+nQD5T6URFvFdeeFmetfNnUkb704e4pI0KXOypwq5MQUZJr56+DToDYDXj
760+sAsNZmB2jGZuzJEHdQRAB0wJxtLC7RiR84ZiYvmFhE2w1sSj3TnIhNPZI8t2
c1jHRhiJZT4Y8WfUl5l3
=ma/b
-----END PGP SIGNATURE-----


Reply to: