Security bugfix for package SQUID
Knowledgebase
(Last modified: 25FEB2002)
solutions Security bugfix for package SQUID SuSE Linux Maintenance Web (b6c43e438b7af0eb925c084c9dc111d7)
SuSE Linux Enterprise Server 7 for IA32
SuSE Linux Enterprise Server 7 for IA64
SuSE Linux Enterprise Server 7 for S/390 and zSeries
SuSE Linux Connectivity Server
Package: squid
Release: 20020225
Obsoletes: none
- The Hypertext Caching Protocol (
HTCP
) remained enabled even though it was supposed to be turned off throughsquid.conf
. - Malformed
ftp://
URLs can causesquid
to crash. - The
SNMP
routines in thesquid
daemon leak memory, which can lead to a Denial of Service attack if more and more memory is consumed.
HTCP
is turned off by a compile time switch.rpm -Uvh squid.rpm
Remove the
htcp_port
option from /etc/squid.conf
after the package has been installed and restart
squid
withrcsquid restart
Download Source Packages
Download the source code of the patches for maintained products.
Disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.