Advisories ยป MGASA-2014-0369

Updated squid packages fix CVE-2014-3609

Publication date: 05 Sep 2014
Modification date: 05 Sep 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-3609

Description

Updated squid packages fix security vulnerability:

Matthew Daley discovered that Squid 3 did not properly perform input
validation in request parsing. A remote attacker could send crafted Range
requests to cause a denial of service (CVE-2014-3609).
                

References

SRPMS

3/core

4/core