Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 349611

Summary: version-bump net-proxy/squid-3.1.10
Product: Gentoo Security Reporter: esc <esc-06>
Component: VulnerabilitiesAssignee: Gentoo Network Proxy Developers (OBSOLETE) <net-proxy+disabled>
Status: RESOLVED FIXED    
Severity: normal CC: bug, eras, martin.holzer, underling
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description esc 2010-12-24 14:21:35 UTC 
Some issues to note as currently known in this release which are not able to be fixed in the 3.1 series are:

    * The lack of some features available in Squid-2.x series. See the regression sections below for full details.
    * CVE-2009-0801 : NAT interception vulnerability to malicious clients.

http://www2.de.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2010-12-27 04:55:56 UTC 
esc, I do not see anything in the 3.1.10 (or 3.1.9) release notes that are particularly security-related, nor do I see relevant advisories at http://www.squid-cache.org/Advisories/. I am reassigning to net-proxy, but feel free to loop me in if I am missing something. 

Thank you.
Comment 2 martin holzer 2011-01-17 15:43:39 UTC 
please bump
Comment 3 Nebojsa Trpkovic 2011-04-05 11:01:34 UTC 
http://bugs.gentoo.org/show_bug.cgi?id=362049
Comment 4 Eray Aslan gentoo-dev 2011-04-29 13:29:57 UTC 
+*squid-3.1.12 (29 Apr 2011)
+
+  29 Apr 2011; Eray Aslan <eras@gentoo.org> +squid-3.1.12.ebuild,
+  +files/squid-3.1.12-gentoo.patch:
+  Non-maintainer version bump - bug #362049
+