Time to bump patchset again: http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting
*** Bug 79581 has been marked as a duplicate of this bug. ***
Opening since this is public. Cyfred please bump.
See squild-2.5.7-r4 in cvs now
Thx Andrew. Security please vote on GLSA. We could combine it with the issue on bug #78776.
It's mostly cache poisoning and log poisoning... but adding them together they may be worth a GLSA (a "Low" one). Voting YES.
squid-2.5.STABLE7-header_parsing is CAN-2005-0174 squid-2.5.STABLE7-response_splitting is CAN-2005-0175 squid-2.5.STABLE7-ldap_spaces from bug 78776 is CAN-2005-0173
I vote YES -> GLSA
s390, mips: please mark stable to benefit from GLSA
Waiting for bug 80201 to send out GLSA
GLSA 200502-04
mips stable.