Debian Bug report logs -
#575747
CVE-2010-0308: denial of service via a crafted DNS packet
Reported by: Giuseppe Iuculano <iuculano@debian.org>
Date: Sun, 28 Mar 2010 21:27:02 UTC
Severity: serious
Tags: security
Fixed in version 3.1.0.16-1
Done: Luigi Gangitano <gangitano@lugroma3.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Luigi Gangitano <luigi@debian.org>:
Bug#575747; Package squid3.
(Sun, 28 Mar 2010 21:27:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Giuseppe Iuculano <iuculano@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Luigi Gangitano <luigi@debian.org>.
(Sun, 28 Mar 2010 21:27:05 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: squid3
Severity: serious
Tags: security
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for squid3.
CVE-2010-0308[0]:
| lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through
| 3.1.0.15 allows remote attackers to cause a denial of service
| (assertion failure) via a crafted DNS packet that only contains a
| header.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0308
http://security-tracker.debian.org/tracker/CVE-2010-0308
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkuvyQ4ACgkQNxpp46476arqKgCfV9CtK4geHcTUyTO1jMM3b9Uq
PicAn2y+7V71eqNeYxlnd83JixlAt0zY
=Mtru
-----END PGP SIGNATURE-----
Reply sent
to Luigi Gangitano <gangitano@lugroma3.org>:
You have taken responsibility.
(Thu, 01 Apr 2010 00:42:03 GMT) (full text, mbox, link).
Notification sent
to Giuseppe Iuculano <iuculano@debian.org>:
Bug acknowledged by developer.
(Thu, 01 Apr 2010 00:42:03 GMT) (full text, mbox, link).
Message #10 received at 575747-done@bugs.debian.org (full text, mbox, reply):
Version: 3.1.0.16-1
This bug is fixed in version 3.1.0.16-1 and referenced in the changelog. Squid 3.1 will hit unstable as soon as the upload queue is restored.
Regards,
L
--
Luigi Gangitano -- <luigi@debian.org> -- <gangitano@lugroma3.org>
GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sat, 15 May 2010 07:35:19 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:47:01 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon