Debian Bug report logs - #538989
squid3: multiple denial of service vectors on response/request processing


Package: squid3; Maintainer for squid3 is Luigi Gangitano <luigi@debian.org>; Source for squid3 is src:squid3.

Reported by: Nico Golde <nion@debian.org>

Date: Tue, 28 Jul 2009 11:39:02 UTC

Severity: grave

Tags: patch, security

Fixed in version 3.0.STABLE16-2.1

Done: Luigi Gangitano <luigi@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Luigi Gangitano <luigi@debian.org>:
Bug#538989; Package squid3. (Tue, 28 Jul 2009 11:39:05 GMT)

Acknowledgement sent to Nico Golde <nion@debian.org>:
New Bug report received and forwarded. Copy sent to Luigi Gangitano <luigi@debian.org>. (Tue, 28 Jul 2009 11:39:05 GMT)

Message #5 received at submit@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: submit@bugs.debian.org
Subject: squid3: multiple denial of service vectors on response/request processing
Date: Tue, 28 Jul 2009 13:33:37 +0200
Package: squid3
Severity: grave
Tags: security patch

Hi,
the following security issue was published for squid3:
| Due to incorrect buffer limits and related bound checks Squid
| is vulnerable to a denial of service attack when processing
| specially crafted requests or responses.
|
| Due to incorrect data validation Squid is vulnerable to a denial
| of service attack when processing specially crafted responses.

Unfortunately there is no CVE id for this yet.

For further information see:
http://www.squid-cache.org/Advisories/SQUID-2009_2.txt

this also links patches.

Cheers
Nico
P.S. stable update on its way
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Information forwarded to debian-bugs-dist@lists.debian.org, Luigi Gangitano <luigi@debian.org>:
Bug#538989; Package squid3. (Tue, 04 Aug 2009 20:09:12 GMT)

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Luigi Gangitano <luigi@debian.org>. (Tue, 04 Aug 2009 20:09:12 GMT)

Message #10 received at 538989@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: 538989@bugs.debian.org
Subject: intent to NMU
Date: Tue, 4 Aug 2009 21:58:33 +0200
Hi,
I intend to upload a 0-day NMU to fix this issue.

Patch on 
http://people.debian.org/~nion/nmu-diff/squid3-3.0.STABLE16-2_3.0.STABLE16-2.1.patch

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Information forwarded to debian-bugs-dist@lists.debian.org, Luigi Gangitano <luigi@debian.org>:
Bug#538989; Package squid3. (Wed, 05 Aug 2009 08:48:02 GMT)

Acknowledgement sent to Roland Karch <karch@nefkom.net>:
Extra info received and forwarded to list. Copy sent to Luigi Gangitano <luigi@debian.org>. (Wed, 05 Aug 2009 08:48:02 GMT)

Message #15 received at 538989@bugs.debian.org:

From: Roland Karch <karch@nefkom.net>
To: 538989@bugs.debian.org
Subject: Regression
Date: Wed, 05 Aug 2009 10:45:54 +0200
Please note that this fix broke Squid quite badly, see here for details
(and a patch to fix it):
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539160

On skim reading the NMU patch, it seems to contain the regression too.

Reply sent to Luigi Gangitano <luigi@debian.org>:
You have taken responsibility. (Sat, 08 Aug 2009 22:45:05 GMT)

Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer. (Sat, 08 Aug 2009 22:45:05 GMT)

Message #20 received at 538989-done@bugs.debian.org:

From: Luigi Gangitano <luigi@debian.org>
To: 538989-done@bugs.debian.org
Subject: Re: Bug#538989: Regression
Date: Sun, 9 Aug 2009 00:40:37 +0200
Version: 3.0.STABLE16-2.1

This security issue was resolved in package version 3.0.STABLE16-2.1
for sid/squeeze and 3.0.STABLE8-3+lenny1 for lenny.

Regards,

L

--
Luigi Gangitano -- <luigi@debian.org> -- <gangitano@lugroma3.org>
GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972  C24A F19B A618 924C 0C26

Information forwarded to debian-bugs-dist@lists.debian.org, Luigi Gangitano <luigi@debian.org>:
Bug#538989; Package squid3. (Sat, 08 Aug 2009 23:45:09 GMT)

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Luigi Gangitano <luigi@debian.org>. (Sat, 08 Aug 2009 23:45:09 GMT)

Message #25 received at 538989@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: 538989@bugs.debian.org
Subject: Re: Bug#538989 closed by Luigi Gangitano <luigi@debian.org> (Re: Bug#538989: Regression)
Date: Sun, 9 Aug 2009 01:38:58 +0200
Hi,
* Debian Bug Tracking System <owner@bugs.debian.org> [2009-08-09 00:45]:
[...] 
> Version: 3.0.STABLE16-2.1
> 
> This security issue was resolved in package version 3.0.STABLE16-2.1 for 
> sid/squeeze and 3.0.STABLE8-3+lenny1 for lenny.

Funny, actually I NMUed it myself :)

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Information forwarded to debian-bugs-dist@lists.debian.org, Luigi Gangitano <luigi@debian.org>:
Bug#538989; Package squid3. (Sun, 09 Aug 2009 00:48:03 GMT)

Acknowledgement sent to Luigi Gangitano <gangitano@lugroma3.org>:
Extra info received and forwarded to list. Copy sent to Luigi Gangitano <luigi@debian.org>. (Sun, 09 Aug 2009 00:48:03 GMT)

Message #30 received at 538989@bugs.debian.org:

From: Luigi Gangitano <gangitano@lugroma3.org>
To: Nico Golde <nion@debian.org>, 538989@bugs.debian.org
Subject: Re: Bug#538989: closed by Luigi Gangitano <luigi@debian.org> (Re: Bug#538989: Regression)
Date: Sun, 9 Aug 2009 02:46:14 +0200
On 09 Aug 2009, at 01:38, Nico Golde wrote:

> Hi,
> * Debian Bug Tracking System <owner@bugs.debian.org> [2009-08-09 00:45]:
> [...]
>> Version: 3.0.STABLE16-2.1
>>
>> This security issue was resolved in package version 3.0.STABLE16-2.1 for
>> sid/squeeze and 3.0.STABLE8-3+lenny1 for lenny.
>
> Funny, actually I NMUed it myself :)


I know. :-) You just didn't add the closing tag. :-)

L

--
Luigi Gangitano -- <luigi@debian.org> -- <gangitano@lugroma3.org>
GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972  C24A F19B A618 924C 0C26

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 06 Sep 2009 07:50:09 GMT)

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 24 07:56:42 2014; Machine Name: buxtehude.debian.org
