安全研究
安全漏洞
Squid外部认证头解析器拒绝服务漏洞
发布日期:2009-08-18
更新日期:2009-08-19
受影响系统:
Squid Web Proxy Cache 2.7描述:
BUGTRAQ ID: 36091
CVE ID: CVE-2009-2855
Squid是一个高效的Web缓存及代理程序,最初是为Unix平台开发的,现在也被移植到Linux和大多数的Unix类系统中,最新的Squid可以运行在Windows平台下。
Squid的src/HttpHeaderTools.c文件中的strListGetItem函数中存在拒绝服务漏洞。如果远程攻击者向服务器发送了包含有某些逗号分隔符的特制认证头,就可以在strcspn函数中触发死循环,导致服务崩溃。
<*来源:Luigi Gangitano (luigi@debian.org)
链接:http://www.squid-cache.org/bugs/show_bug.cgi?format=multiple&id=2704
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534982
http://secunia.com/advisories/36378/
http://www.debian.org/security/2010/dsa-1991
https://www.redhat.com/support/errata/RHSA-2010-0221.html
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1991-1)以及相应补丁:
DSA-1991-1:New squid/squid3 packages fix denial of service
链接:http://www.debian.org/security/2010/dsa-1991
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5.diff.gz
Size/MD5 checksum: 274283 f35fba0ebbd63b22786d04c8775aacf6
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5-5+etch2.dsc
Size/MD5 checksum: 736 afa36dab050b287f83cb9ff2f802c52c
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5.orig.tar.gz
Size/MD5 checksum: 3061614 35cc83c17afb17c4718ffc8d0d71bcae
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5-5+etch2.diff.gz
Size/MD5 checksum: 13917 b19a43d3e4fd77350b8f4f7343a3169c
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5.orig.tar.gz
Size/MD5 checksum: 1636886 26cc918028340dc8ceb9c0c4b988d717
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5.dsc
Size/MD5 checksum: 678 2e53013dd1d22bc98d694c4b0775a715
Architecture independent packages:
http://security.debian.org/pool/updates/main/s/squid3/squid3-common_3.0.PRE5-5+etch2_all.deb
Size/MD5 checksum: 245540 c4dfb7902e784ae1d3272237f744581c
http://security.debian.org/pool/updates/main/s/squid/squid-common_2.6.5-6etch5_all.deb
Size/MD5 checksum: 439698 69401a11436668a2e47c1886ed671d97
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.PRE5-5+etch2_alpha.deb
Size/MD5 checksum: 72214 14713da6c162394cedb830e077c7fd76
http://security.debian.org/pool/updates/main/s/squid3/squid3-client_3.0.PRE5-5+etch2_alpha.deb
Size/MD5 checksum: 67820 240b81667c88a8d36d6a956de4a5f63c
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5-5+etch2_alpha.deb
Size/MD5 checksum: 887818 2189938d4adca4944f2e80b1410270ca
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.6.5-6etch5_alpha.deb
Size/MD5 checksum: 119894 0f37fae0a9c76523d4c94c910288db09
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5_alpha.deb
Size/MD5 checksum: 793752 86de0371720bd75455d4dad8680fb57e
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.6.5-6etch5_alpha.deb
Size/MD5 checksum: 88574 c0198db9fc0625a9344d8c732edcd4b3
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.6.5-6etch5_amd64.deb
Size/MD5 checksum: 117318 7d842bc07551d277ca2b9fad8a4cfd8c
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.6.5-6etch5_amd64.deb
Size/MD5 checksum: 86646 9366ef6a3699b718c2d8bfb8e2cc1c60
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5_amd64.deb
Size/MD5 checksum: 709444 b0fee816e56a72c0286b280eb1580b74
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5_hppa.deb
Size/MD5 checksum: 748582 b8c46c88df2c4cfc2616d4f072574e1d
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.6.5-6etch5_hppa.deb
Size/MD5 checksum: 88168 f81c4c96b838df6b1c2a88f6ed7d8dd9
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5-5+etch2_hppa.deb
Size/MD5 checksum: 929026 98f55b0471c50ceb6bb465f11dca4e03
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.6.5-6etch5_hppa.deb
Size/MD5 checksum: 118808 c020a98bd4a7da35597f9807592a5b77
http://security.debian.org/pool/updates/main/s/squid3/squid3-client_3.0.PRE5-5+etch2_hppa.deb
Size/MD5 checksum: 66612 537a6daa5972353ecd0ff2c5875f62ca
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.PRE5-5+etch2_hppa.deb
Size/MD5 checksum: 70078 07cdb9fee89b9e117620abb860ea2932
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.6.5-6etch5_i386.deb
Size/MD5 checksum: 86030 6688fcc15664c2eb7c8326bac53188bb
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.PRE5-5+etch2_i386.deb
Size/MD5 checksum: 68408 e3ddb9042ba9ed6216cfd91c29629cf9
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.6.5-6etch5_i386.deb
Size/MD5 checksum: 117372 1a907bd4666d4de8298b99a6b97d8b9c
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5-5+etch2_i386.deb
Size/MD5 checksum: 738444 37cae352255e3185386ae267acfc4b8a
http://security.debian.org/pool/updates/main/s/squid3/squid3-client_3.0.PRE5-5+etch2_i386.deb
Size/MD5 checksum: 64120 8c2487a0fc5fd988137e34e92055b9c6
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5_i386.deb
Size/MD5 checksum: 654880 d63eacb8a0dec6db6f789e40bbcbc404
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5-5+etch2_ia64.deb
Size/MD5 checksum: 1185350 8a83aa215863bf780a8c06816eb8db9b
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5_ia64.deb
Size/MD5 checksum: 1067332 c5c4f62d1d0a72cd59bd8008d64430b3
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.6.5-6etch5_ia64.deb
Size/MD5 checksum: 91628 52457c1d77a6ab7f847175b35edd9ec2
http://security.debian.org/pool/updates/main/s/squid3/squid3-client_3.0.PRE5-5+etch2_ia64.deb
Size/MD5 checksum: 70446 e47c8714efcf53aa37857acd26a0dfe0
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.6.5-6etch5_ia64.deb
Size/MD5 checksum: 124520 353bf837181ed1d81a4d7907b1806027
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.PRE5-5+etch2_ia64.deb
Size/MD5 checksum: 76224 48ea58cf0b875b838bda0dc6e04636d9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.PRE5-5+etch2_mipsel.deb
Size/MD5 checksum: 70130 33bdd10d64e1a569c0d31d21c9604b5a
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5-5+etch2_mipsel.deb
Size/MD5 checksum: 911924 2fd8416522c033b76714eb85977e4f51
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5_mipsel.deb
Size/MD5 checksum: 747638 872c0af7adc5047da5e220de021a36d4
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.6.5-6etch5_mipsel.deb
Size/MD5 checksum: 117484 0716d83d083fc20b3974a4a7b3d1a9d2
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.6.5-6etch5_mipsel.deb
Size/MD5 checksum: 87550 08e6ca7525fd9ddf2115761ba35805a1
http://security.debian.org/pool/updates/main/s/squid3/squid3-client_3.0.PRE5-5+etch2_mipsel.deb
Size/MD5 checksum: 66448 a85376b26a332980b8c5d15e86bb0de8
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.PRE5-5+etch2_s390.deb
Size/MD5 checksum: 69942 ec54a9ef712024b20ddce6a6b4c9da1b
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.6.5-6etch5_s390.deb
Size/MD5 checksum: 116996 36b971cdf582b80a01a6943044ddece4
http://security.debian.org/pool/updates/main/s/squid3/squid3-client_3.0.PRE5-5+etch2_s390.deb
Size/MD5 checksum: 66072 1a5dd4b79ff1fe8ab679b5a817ee2c39
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5-5+etch2_s390.deb
Size/MD5 checksum: 789672 bd1417584ed1a85dc74d290bdbafde41
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5_s390.deb
Size/MD5 checksum: 712096 3dbc4bd21a880100cf8bc235e18fd6b0
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.6.5-6etch5_s390.deb
Size/MD5 checksum: 86864 d00892e40172a5d7911b52483e3a3001
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.6.5-6etch5_sparc.deb
Size/MD5 checksum: 86528 850d852613fb30370303bf1b43b82189
http://security.debian.org/pool/updates/main/s/squid/squid_2.6.5-6etch5_sparc.deb
Size/MD5 checksum: 664030 1e613ae2224c5a76cab9739edfb4d97b
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.PRE5-5+etch2_sparc.deb
Size/MD5 checksum: 754534 faef2b408b180d2b8f7520e68ae58fe4
http://security.debian.org/pool/updates/main/s/squid3/squid3-client_3.0.PRE5-5+etch2_sparc.deb
Size/MD5 checksum: 65092 57b792e95e8df967b3849c41779bffa4
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.PRE5-5+etch2_sparc.deb
Size/MD5 checksum: 68932 ebb6417f10320745332702f8478a63c6
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.6.5-6etch5_sparc.deb
Size/MD5 checksum: 117034 363f9de6fc0d2cba1635261e3d82f744
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1.diff.gz
Size/MD5 checksum: 304919 c9b0294c475b0d3118d25a60e8bb17d1
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1.dsc
Size/MD5 checksum: 1165 3d00959e8a0e1b88d81a1c3bdaef1676
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3.orig.tar.gz
Size/MD5 checksum: 1782040 a4d7608696e2b617aa5853c7d23e25b0
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3.dsc
Size/MD5 checksum: 1193 f4e0434cbb77dca110a2c6200eff8195
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3.diff.gz
Size/MD5 checksum: 19812 3da0e3edc7060e072da98cc1879eeb00
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8.orig.tar.gz
Size/MD5 checksum: 2443502 b5d26e1b7e2285bb60cf4de249113722
Architecture independent packages:
http://security.debian.org/pool/updates/main/s/squid/squid-common_2.7.STABLE3-4.1lenny1_all.deb
Size/MD5 checksum: 493526 812524fc4efa57618ed4d1def3dcc720
http://security.debian.org/pool/updates/main/s/squid3/squid3-common_3.0.STABLE8-3+lenny3_all.deb
Size/MD5 checksum: 288766 cf2f0029151faa69307bac5b2c03e60b
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1_alpha.deb
Size/MD5 checksum: 835588 069c56b3eab9fc2d1d0b60e16f18e044
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_alpha.deb
Size/MD5 checksum: 91144 6cce50f543ccdfa1d645e9c98529589c
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_alpha.deb
Size/MD5 checksum: 1122354 932a805486aab1346bc99c582a13b495
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.7.STABLE3-4.1lenny1_alpha.deb
Size/MD5 checksum: 121428 b467965585ddf831d06642d9ca336aae
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_alpha.deb
Size/MD5 checksum: 95236 4f2442d0d1c00925ad6c12682749e4c1
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_amd64.deb
Size/MD5 checksum: 88974 06f8d3a64200a3dfca38d44cc13723cf
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.7.STABLE3-4.1lenny1_amd64.deb
Size/MD5 checksum: 118654 e7b6a9daf773f78f7009d56520632692
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_amd64.deb
Size/MD5 checksum: 1009038 aecc1c3c7acf456ff6255065f32ad224
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1_amd64.deb
Size/MD5 checksum: 767478 9ad645e0203464391bb4139ffa786359
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_amd64.deb
Size/MD5 checksum: 92862 0dbd022f1c8be1e09656958294db3038
arm architecture (ARM)
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_arm.deb
Size/MD5 checksum: 979854 09f2607cf6cf9c27f0b5425433e25cdb
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1_arm.deb
Size/MD5 checksum: 719926 aef403c0efc225598bc59346cabdf8ae
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_arm.deb
Size/MD5 checksum: 87220 f10d2900317d1055aeaf109e8106582a
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.7.STABLE3-4.1lenny1_arm.deb
Size/MD5 checksum: 117820 83efb7b8bc54f75dae6b44347734c52c
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_arm.deb
Size/MD5 checksum: 90342 6ee2db36a8750ebb11cdd0f405579b82
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_armel.deb
Size/MD5 checksum: 88332 96fa9f51626beefabf3d9998f4dfde78
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_armel.deb
Size/MD5 checksum: 930654 409f7b3760cfab3e35f6144a5aaeb395
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_armel.deb
Size/MD5 checksum: 91268 bd9cc31d518a33c0b92dc74fc813121e
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.7.STABLE3-4.1lenny1_hppa.deb
Size/MD5 checksum: 120148 8226b1ad4b318dc9dff6f3ff759c0291
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_hppa.deb
Size/MD5 checksum: 93554 83f7bb58a289b62fa5ff04b1176c6877
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_hppa.deb
Size/MD5 checksum: 89710 bdf7da3f5621df2e99290fb946a0b5f7
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1_hppa.deb
Size/MD5 checksum: 788638 d0f6b69801fa53d4b8d4ec3283180262
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_hppa.deb
Size/MD5 checksum: 1164016 4686f21aa46e06ee9a0d3a9912ed3339
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_i386.deb
Size/MD5 checksum: 91664 fc3722b5fac63edf8677434a85e4bafc
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.7.STABLE3-4.1lenny1_i386.deb
Size/MD5 checksum: 117732 ae221ec979f6984ca5ed89b76239df13
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_i386.deb
Size/MD5 checksum: 934494 565e00e4581b326d802d2d9bf2fc4589
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1_i386.deb
Size/MD5 checksum: 688540 30387d06ef752feb274c3e3171028296
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_i386.deb
Size/MD5 checksum: 87232 d2ff96bce1e135be075c2952800dec70
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_ia64.deb
Size/MD5 checksum: 1494152 5610139ea6954ec8aabc5e88be72f462
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1_ia64.deb
Size/MD5 checksum: 1137372 feeb4b5da8bd0d006e79a4ab925ac77d
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_ia64.deb
Size/MD5 checksum: 93592 03a66d299c07d5c7beb91dc84808abab
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_ia64.deb
Size/MD5 checksum: 99674 c1a90b133a130e244ae22051d29b67dd
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.7.STABLE3-4.1lenny1_ia64.deb
Size/MD5 checksum: 124788 37f3396ea5ca9a7cfc7af794b13c93c9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_mipsel.deb
Size/MD5 checksum: 89730 570dbfd6b83c2f71bb60c9c55479b7e4
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_mipsel.deb
Size/MD5 checksum: 1071320 6317781788f54e3641149ef359234597
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_mipsel.deb
Size/MD5 checksum: 93314 1a41fbea1d1e0cc5af02db68c8f7d702
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.7.STABLE3-4.1lenny1_powerpc.deb
Size/MD5 checksum: 119952 7afb45df2c2682548283dd67e11bdfb2
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_powerpc.deb
Size/MD5 checksum: 88814 418110087d71155b3bf5d60eb02a9b1b
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_powerpc.deb
Size/MD5 checksum: 93888 0958f0b19eb149cbe271424682ffeeaa
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1_powerpc.deb
Size/MD5 checksum: 776798 afd8a43585666d766888d61cc654df76
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_powerpc.deb
Size/MD5 checksum: 1052470 b381bb088a9cc3ec43695b535b9e5928
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_s390.deb
Size/MD5 checksum: 92756 508feb4ed0eccd3e035a39d8147ba35d
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_s390.deb
Size/MD5 checksum: 89716 bf939d2ef30aff49bb11aa9b4dd0c0a0
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_s390.deb
Size/MD5 checksum: 994974 f651aa10f49b2406791a71742b0750c9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.7.STABLE3-4.1lenny1_sparc.deb
Size/MD5 checksum: 118052 be5a2f58b3b6fb9c19da483fb9624621
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny3_sparc.deb
Size/MD5 checksum: 92582 4d7096f29ec68d99884d09429662f83a
http://security.debian.org/pool/updates/main/s/squid/squid_2.7.STABLE3-4.1lenny1_sparc.deb
Size/MD5 checksum: 706488 66addf3707104f1cfc1b25ab1d6e0a59
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny3_sparc.deb
Size/MD5 checksum: 960492 f6deac1df76e82e104b5a150660ba577
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny3_sparc.deb
Size/MD5 checksum: 88824 3c23865550325a7fcd8bb4e0dd23c46f
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2010:0221-04)以及相应补丁:
RHSA-2010:0221-04:Low: squid security and bug fix update
链接:https://www.redhat.com/support/errata/RHSA-2010-0221.html
Squid
-----
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=31;filename=diff;att=1;bug=534982
浏览次数:4925
严重程度:0(网友投票)
绿盟科技给您安全的保障