Bastian Blank reported an infinite loop when processing auth headers. No upstream patch yet.
CVE-2009-2855 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2855): The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
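As an added illustration of the bug class the CVE text above describes (a list tokenizer that keeps calling strcspn() without ever moving past the delimiter it stopped on), here is a hypothetical comma-separated header tokenizer in two variants. This is example code written for this bug entry; it is not Squid's strListGetItem() and does not reproduce the exact code path of the Squid bug or its upstream patch. The names list_next_stalls, list_next and count_items and the sample header values are all made up for the example. The first variant leaves the ',' in place, so a caller that loops on it spins forever; the second consumes the delimiter and refuses to return an item without having advanced, and the count_items() harness caps the iteration count so the stalling variant terminates here instead of hanging.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical comma-separated list tokenizer, in the spirit of an HTTP
 * header list parser.  Illustrative code for this bug entry; it is NOT
 * Squid's strListGetItem().  Both variants read one item starting at
 * *pos, store its start in *item and length in *len and return 1, or
 * return 0 at end of string. */

/* Variant 1: no guaranteed forward progress.  If *pos already rests on a
 * ',' when called, strspn() and strcspn() both return 0, *pos never moves,
 * and a caller looping "while (next(...))" calls strcspn() forever. */
static int list_next_stalls(const char **pos, const char **item, size_t *len)
{
    if (**pos == '\0')
        return 0;
    *pos += strspn(*pos, " \t");      /* skip leading whitespace */
    *item = *pos;
    *pos += strcspn(*pos, ",");       /* scan to the next ',' or NUL */
    *len = (size_t)(*pos - *item);
    /* bug: the ',' is left in place for the next call to trip over */
    return 1;
}

/* Variant 2: consumes the delimiter, so every successful call advances
 * *pos by at least one byte; the final check also refuses to report an
 * item when nothing was consumed, as a guard against regressions. */
static int list_next(const char **pos, const char **item, size_t *len)
{
    const char *start = *pos;

    if (**pos == '\0')
        return 0;
    *pos += strspn(*pos, " \t");
    *item = *pos;
    *pos += strcspn(*pos, ",");
    *len = (size_t)(*pos - *item);
    if (**pos == ',')
        (*pos)++;                     /* eat the delimiter: progress */
    return *pos > start;              /* 1: advanced; 0: stalled, stop */
}

/* Drive a tokenizer over hdr and count the items it yields.  The cap
 * makes the stalling variant terminate for demonstration: a result equal
 * to cap means the tokenizer stopped making progress. */
static int count_items(int (*next)(const char **, const char **, size_t *),
                       const char *hdr, int cap)
{
    const char *pos = hdr, *item = NULL;
    size_t len = 0;
    int n = 0;

    while (n < cap && next(&pos, &item, &len))
        n++;
    return n;
}

int main(void)
{
    /* Constructed sample values; not real traffic. */
    const char *ok  = "Basic abc, Digest realm=\"x\", ,tail";
    const char *bad = "Basic abc,";

    printf("safe  : %d items\n", count_items(list_next, ok, 1000));
    printf("stalls: %d iterations (cap hit => would loop forever)\n",
           count_items(list_next_stalls, bad, 1000));
    return 0;
}
```

The point a reviewer would check in any such loop is the progress invariant: a call that returns "item found" must leave the cursor strictly past where it started. A single trailing comma is enough to stall the first variant, while a value with no delimiter at all terminates normally, which is why this kind of defect only shows up with "certain comma delimiters".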
This seems related to an older bug: http://www.squid-cache.org/bugs/show_bug.cgi?id=2541
Upstream patch: http://www.squid-cache.org/bugs/attachment.cgi?id=2041
Fixed in versions squid-2.7.6-r2, squid-3.0.18-r1 and squid-3.1.0.13_beta-r1. Arch teams, please mark version squid-3.0.18-r1 *and* squid-2.7.6-r2 as stable.
Stable for HPPA.
ppc stable
x86 stable
alpha/arm/ia64/sparc stable
amd64 stable
ppc64 done
GLSA voting: YES
Yes, too. Request filed.
Could be closed, no longer in the CVS tree.
This issue was resolved and addressed in GLSA 201110-24 at http://security.gentoo.org/glsa/glsa-201110-24.xml by GLSA coordinator Tim Sammut (underling).