Your message dated Wed, 28 Jan 2015 12:19:40 +0000 with message-id <e1ygrau-0000jc...@franck.debian.org> and subject line Bug#776461: fixed in squid3 3.4.8-6 has caused the Debian Bug report #776461, regarding squid3: Excessive CPU consumption (or crash) when contacting servers with many IP addresses to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776461: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776461 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: squid3 Version: 3.4.8-5 Severity: grave Tags: patch upstream Justification: renders package unusable Upstream fixed an issue with server with multiple IP addesses (>10 IPs in current Debian package version) that can make squid3 crash or consume excessive CPU. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: sysvinit (via /sbin/init) Versions of packages squid3 depends on: ii adduser 3.113+nmu3 ii libc6 2.19-13 ii libcap2 1:2.24-6 ii libcomerr2 1.42.12-1 ii libdb5.3 5.3.28-9 ii libecap2 0.2.0-3 ii libexpat1 2.1.0-6+b3 ii libgcc1 1:4.9.2-10 ii libgssapi-krb5-2 1.12.1+dfsg-16 ii libk5crypto3 1.12.1+dfsg-16 ii libkrb5-3 1.12.1+dfsg-16 ii libldap-2.4-2 2.4.40-3 ii libltdl7 2.4.2-1.11 ii libnetfilter-conntrack3 1.0.4-1 ii libnettle4 2.7.1-5 ii libpam0g 1.1.8-3.1 ii libsasl2-2 2.1.26.dfsg1-12 ii libstdc++6 4.9.2-10 ii libxml2 2.9.2+dfsg1-1+b1 ii logrotate 3.8.7-1+b1 ii lsb-base 4.1+Debian13+nmu1 ii netbase 5.3 ii squid3-common 3.4.8-5 squid3 recommends no packages. Versions of packages squid3 suggests: pn resolvconf <none> ii smbclient 2:4.1.13+dfsg-4 pn squid-cgi <none> pn squid-purge <none> pn squidclient <none> pn ufw <none> pn winbindd <none> -- no debconf information ------------------------------------------------------------ revno: 13199 revision-id: squ...@treenet.co.nz-20141218143623-slknpcqeu13kv438 parent: squ...@treenet.co.nz-20141218143539-y7l81k7av5qlkuwv author: Christos Tsantilas <chtsa...@users.sourceforge.net> committer: Amos Jeffries <squ...@treenet.co.nz> branch nick: 3.4 timestamp: Thu 2014-12-18 06:36:23 -0800 message: Deleting first fs left psstate->servers pointing to uninitialized memory ... possibly causing infinite loops in peerAddFwdServer(). TODO: The condition itself is excessive. If fs is not nil, the previous check already tells us that the Config.forward_max_tries limit is exceeded. ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squ...@treenet.co.nz-20141218143623-slknpcqeu13kv438 # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 # testament_sha1: 6856008755c69a187bc5932131c7543c99615dbf # timestamp: 2014-12-18 14:38:46 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 # base_revision_id: squ...@treenet.co.nz-20141218143539-\ # y7l81k7av5qlkuwv # # Begin patch === modified file 'src/peer_select.cc' --- src/peer_select.cc 2014-04-23 05:15:49 +0000 +++ src/peer_select.cc 2014-12-18 14:36:23 +0000 @@ -271,11 +271,12 @@ // due to the allocation method of fs, we must deallocate each manually. // TODO: use a std::list so we can get the size and abort adding whenever the selection loops reach Config.forward_max_tries if (fs && psstate->paths->size() >= (unsigned int)Config.forward_max_tries) { + assert(fs == psstate->servers); while (fs) { - FwdServer *next = fs->next; + psstate->servers = fs->next; cbdataReferenceDone(fs->_peer); memFree(fs, MEM_FWD_SERVER); - fs = next; + fs = psstate->servers; } }
--- End Message ---
--- Begin Message ---Source: squid3 Source-Version: 3.4.8-6 We believe that the bug you reported is fixed in the latest version of squid3, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 776...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Luigi Gangitano <lu...@debian.org> (supplier of updated squid3 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 28 Jan 2015 12:34:42 +0100 Source: squid3 Binary: squid3 squid3-dbg squid3-common squidclient squid-cgi squid-purge Architecture: source all amd64 Version: 3.4.8-6 Distribution: unstable Urgency: medium Maintainer: Luigi Gangitano <lu...@debian.org> Changed-By: Luigi Gangitano <lu...@debian.org> Description: squid-cgi - Full featured Web Proxy cache (HTTP proxy) - control CGI squid-purge - Full featured Web Proxy cache (HTTP proxy) - control utility squid3 - Full featured Web Proxy cache (HTTP proxy) squid3-common - Full featured Web Proxy cache (HTTP proxy) - common files squid3-dbg - Full featured Web Proxy cache (HTTP proxy) - Debug symbols squidclient - Full featured Web Proxy cache (HTTP proxy) - control utility Closes: 742425 776461 776463 776464 776468 Changes: squid3 (3.4.8-6) unstable; urgency=medium . [ Luigi Gangitano <lu...@debian.org> ] * debian/patches/31-squid-3.4-13199.patch - Added upstream patch fixing excessive CPU usage (Closes: #776461) . * debian/patches/32-squid-3.4-13210.patch - Added upstream patch fixing excessive CPU and memory usage in NTLM and Negotiate authentication helpers (Closes: #776463) . * debian/patches/33-squid-3.4-13211.patch - Added upstream patch fixing a possible replay vulnerability on Digest authentication (Closes: #776464) . * debian/patches/34-squid-3.4-13213.patch - Added upstream patch fixing incorrect security permissions for TOS/DiffServ packet marking (Closes: #776468) . * debian/patches/35-squid-3.4-13203.patch - Added upstream patch fixing squidclient unable to connect to host with both IPv4 and IPv6 addresses (Closes: #742425) Checksums-Sha1: 2788b28d58e5507644924fe023542d63faab874a 2271 squid3_3.4.8-6.dsc 96253e6797b2dcd9e710745dc252135e93fb78b8 29968 squid3_3.4.8-6.debian.tar.xz 05a79a13298063dfb6bf1bbdca01fdc341a614f3 258036 squid3-common_3.4.8-6_all.deb 893c2f9f4b6f698bffa0a2c3337204511e2e896f 2066774 squid3_3.4.8-6_amd64.deb 4e158d1a3bea8bd3a52a76f54263677743fb118a 8652908 squid3-dbg_3.4.8-6_amd64.deb 6832783fbc2acbd386930b9ed16d85771aec6b3b 140248 squidclient_3.4.8-6_amd64.deb de1fe6a05c11ae70d8046e7e2a7e67321276f191 143162 squid-cgi_3.4.8-6_amd64.deb d74649b43d50032a00b4879cfff79a8b514de5eb 138804 squid-purge_3.4.8-6_amd64.deb Checksums-Sha256: e0c511390482945b694e444bd1861524faf4f817385c059851f9ef7a1349aafc 2271 squid3_3.4.8-6.dsc 5b5cf0571516c221ad659e4fddcf7af3b3f5311ceaedf4413051c44231247aef 29968 squid3_3.4.8-6.debian.tar.xz ac540fcd3d6eea3a1fd477492effc7e0fb39c05d7df3c2908daa852dfd22bfa5 258036 squid3-common_3.4.8-6_all.deb ce2cb8e2dee057b8e837849e2286c5da505316b830548b288e2d5f52c485dc1a 2066774 squid3_3.4.8-6_amd64.deb 4095e47fee3c15644e3ddfd168f63621c9afef4af3916ace36b79e98c53aef09 8652908 squid3-dbg_3.4.8-6_amd64.deb 708a16482144250762fce3ba11fb8330da01788cb1484e4d11915729ae891f5e 140248 squidclient_3.4.8-6_amd64.deb bc28ac831120310b54862e90a3ca1674522534cf85ead399ed3104a4b72d9a33 143162 squid-cgi_3.4.8-6_amd64.deb a3dd990bc3ae0e927773d4147e5ae366c6586c1acceb9eee77991da9ab7b995b 138804 squid-purge_3.4.8-6_amd64.deb Files: a9b46fa4ca1830510441c9e3ac2a47d1 2271 web optional squid3_3.4.8-6.dsc 924957fd4679ccc131091d5226f81d30 29968 web optional squid3_3.4.8-6.debian.tar.xz e2d7eddd1221a196362d0337e9c1ba8f 258036 web optional squid3-common_3.4.8-6_all.deb c6c3d8d40328ca685d799b919820466d 2066774 web optional squid3_3.4.8-6_amd64.deb 31bba1f5501b3a92e80e5c17e27ef51d 8652908 debug extra squid3-dbg_3.4.8-6_amd64.deb f49cff69b226f43b32488941aa00e2ed 140248 web optional squidclient_3.4.8-6_amd64.deb 5edb66d453474133d6dd808fbff6f003 143162 web optional squid-cgi_3.4.8-6_amd64.deb df92c40e529d70ed3e91ef8a4780f22e 138804 web optional squid-purge_3.4.8-6_amd64.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJUyM/AAAoJEAKE8gwrqXzti3AP/1OfXO88RiL55Iz315UkgI62 aH+Gdl33/Qi2qshT/8cjiMvNBDwhfZodCvhygKPbwim76kF0CKc/Ae148sy7IS/F KJWWlsEDDPyHZ5oBArAqa/eRfBMRtqVhGu6CuxzczTUgzC1VpxejYk6ZYjCafeQI rHE+HUjGM79OWt9zTM5iJHaw7T/hdRX/snoDKGOuKg9gn8+ti6kJAG9xzUBey0XN q6lGpKn4I9fu+QUFpjIYL8r8l5eORdJ3xKWol1BNqIL5KKIiJAbEjJIVtwtVJ/1V MjEKb93yE0piZuydq/tHAxp3x6/KYgt5Z1J9rwBP8/WVhvg4n2MlcUbMzG54aWTI G1IcrV3Y2oFFGMvkZbfFBfH9miF4BMiTyGhg6lwxxzVJQ1CTeDoPbnMsgPaxgjC7 QLiLvTxIs3mGy/gHJcX+ULAa45fS4G3Dc0UsgCUYZjIqSvt2jmcjb2ltnQ+ECgN4 zuGA1xqcYRtaGJoQG5W/m+6A80r1A5GWxPVZH1qxzbrhnryFKf5s8nqSL1i4gHdg ZjuxlIRWGINRvTrUkguVgx6M4zigrwGHCLozvP5842Rc6O7ESnyhMOqET3hhimNn RimuieQ+rt5TJFkeVYwEhwDAllW1XzuEAzqXh2VwPXM/8UU1GC4Z5W95C3q6O4mH 6oqj4yznhF7ySpYvWjp8 =aHep -----END PGP SIGNATURE-----
--- End Message ---
