Summary: | www-proxy/squid: Buffer overflow in WCCP recvfrom() call | | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jean-François Brunette (RETIRED) <formula7> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | | |
Severity: | normal | CC: | andrewbevitt |
Priority: | High | | |
Version: | unspecified | | |
Hardware: | All | | |
OS: | All | | |
URL: | http://www.squid-cache.org/Advisories/SQUID-2005_3.txt | | |
Whiteboard: | A3 [glsa] jaervosz | | |
Package list: | | Runtime testing required: | --- |
Bug Depends on: | | | |
Bug Blocks: | 79495 | | |

Description
Jean-François Brunette (RETIRED)
2005-01-31 05:47:40 UTC
Andrew please bump. The date on squid-2.5.STABLE7-response_splitting.patch seems to have changed also. Did they change the patch?

See squid-2.5.7-r5 patchset 20050201

Thx Andrew. This one is ready for GLSA.

The patch was changed slightly in squid-2.5.7-r5 patchset 20050201:

285,298d284 < Index: squid/src/store_digest.c < diff -c squid/src/store_digest.c:1.51 squid/src/store_digest.c:1.51.2.1 < *** squid/src/store_digest.c:1.51 Wed Oct 24 00:55:44 2001 < --- squid/src/store_digest.c Sun Jan 30 18:49:42 2005 < *************** < *** 387,392 **** < --- 387,393 ---- < (long int) e->mem_obj->reply->expires, (int) (e->mem_obj->reply->expires - squid_curtime)); < storeBuffer(e); < httpReplySwapOut(e->mem_obj->reply, e); < + e->mem_obj->reply->hdr_sz = e->mem_obj->inmem_hi; < storeDigestCBlockSwapOut(e); < storeBufferFlush(e); < eventAdd("storeDigestSwapOutStep", storeDigestSwapOutStep, sd_state.rewrite_lock, 0.0, 1);

GLSA 200502-04
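
Review bot: the added assignment `e->mem_obj->reply->hdr_sz = e->mem_obj->inmem_hi;` in the store_digest.c hunk (after `httpReplySwapOut(e->mem_obj->reply, e);`) has no comment explaining why `inmem_hi` is the right value for the header size at this point. The assignment appears to depend on call order: it has to run after the reply headers are swapped out and before `storeDigestCBlockSwapOut(e)` appends the digest body, so a one-line comment stating that would keep a later reordering from silently producing a wrong `hdr_sz`. Separately, the `285,298d284` marker with `<` lines only shows that these fourteen lines are present in one patchset file and absent from the other; the comment should say which file was on the left, since as posted it does not show whether the 20050201 patchset gained or lost this hunk.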