Oval Definition:oval:com.redhat.rhsa:def:20080214
Revision Date:2008-04-08Version:636
Title:RHSA-2008:0214: squid security update (Moderate)
Description:Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects.

  • A flaw was found in the way squid manipulated HTTP headers for cached objects stored in system memory. An attacker could use this flaw to cause a squid child process to exit. This interrupted existing connections and made proxy services unavailable. Note: the parent squid process started a new child process, so this attack only resulted in a temporary denial of service. (CVE-2008-1612)

    Users of squid are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2008-1612
    RHSA-2008:0214
    RHSA-2008:0214-01
    RHSA-2008:0214-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND squid is earlier than 7:2.5.STABLE3-9.3E
  • AND squid is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND squid is earlier than 7:2.5.STABLE14-1.4E.el4_6.2
  • AND squid is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND squid is earlier than 7:2.6.STABLE6-5.el5_1.3
  • AND squid is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND squid is earlier than 7:2.5.STABLE14-1.4E.el4_6.2
  • AND squid is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND squid is earlier than 7:2.6.STABLE6-5.el5_1.3
  • AND squid is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND squid is earlier than 7:2.5.STABLE3-9.3E
  • AND squid is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND squid is earlier than 7:2.5.STABLE14-1.4E.el4_6.2
  • AND squid is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND squid is earlier than 7:2.6.STABLE6-5.el5_1.3
  • AND squid is signed with Red Hat redhatrelease key
    • BACK