Package: squid Version: 2.5.9 Severity: normal Tags: security squid 2.5.9 is vulnerable to a minor security hole, as described at http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-acl_error:
synopsis On configuration errors involving wrongly defined or missing acls the http_access results may be different than expected, possibly allowing more access than intended. This patch makes such configuration errors a fatal error, preventing the service from starting until the access control configuration errors have been corrected. severity Cosmetic Security date 2005-03-04 22:48 bugzilla #1255 versions Squid-2.5 and earlier platforms All patch squid-2.5.STABLE9-acl_error.patch workaround Verify your configuration with "squid -k parse" and correct any errors reported before starting Squid. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.4.27 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages squid depends on: ii adduser 3.63 Add and remove users and groups ii coreutils 5.2.1-2 The GNU core utilities ii debconf 1.4.48 Debian configuration management sy ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an ii libldap2 2.1.30-6 OpenLDAP libraries ii libpam0g 0.76-22 Pluggable Authentication Modules l ii logrotate 3.7-2 Log rotation utility ii netbase 4.21 Basic TCP/IP networking system pn squid-common Not found. -- see shy jo
signature.asc
Description: Digital signature
