[CORRECTED] [SECURITY] Fedora Core 2 Update: squid-2.5.STABLE5-4.fc2.1

Jay Fenlason fenlason at redhat.com
Thu Oct 7 17:43:08 UTC 2004 

Because of a typeo, the original announcement referred to the
squid-2.5.STABLE5-4.fc2 rpms instead of the
squid-2.5.STABLE5-4.fc2.1 ones.  This corrected advisory lists the
correct rpms and MD5 sums.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-330
2004-10-07
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : squid
Version     : 2.5.STABLE5                      
Release     : 4.fc2.1                  
Summary     : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

---------------------------------------------------------------------

This update fixes a potential DoS against squid that was reported by
Secunia.  See                                                       
http://secunia.com/advisories/12508/
for details.

* Fri Oct 01 2004 Jay Fenlason <fenlason at redhat.com> 7:2.5.STABLE3-4.fc2.1

- Modify the entry for /etc/squid.conf in this spec file to set the
  permissions to 640 owned by root:squid.  This will protect passwords
  stored in the file from prying eyes, and close #125007
- Include the -proxy-abuse patch, which closes #133970


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

7419c4a407998180020030c89f44fc87  SRPMS/squid-2.5.STABLE5-4.fc2.1.src.rpm
e2a0f29bbdbe44cff75f0ba644a7fbba  x86_64/squid-2.5.STABLE5-4.fc2.1.x86_64.rpm
4cb91edbca411b00aef3008920ae9714  x86_64/debug/squid-debuginfo-2.5.STABLE5-4.fc2.1.x86_64.rpm
730574b7d98c1c77b33529591989f191  i386/squid-2.5.STABLE5-4.fc2.1.i386.rpm
a7a7f22361580f62f166ace5b5bc3316  i386/debug/squid-debuginfo-2.5.STABLE5-4.fc2.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

More information about the fedora-announce-list mailing list