squid security update
Security Advisory: Important
An updated squid package that fixes a remote denial of service vulnerability
is now avaliable.
Squid is a full-featured Web proxy cache.
iDEFENSE reported a flaw in the squid SNMP module. This flaw could allow
an attacker who has the ability to send arbitrary packets to the SNMP port
to restart the server, causing it to drop all open connections. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0918 to this issue.
All users of squid should update to this erratum package, which contains a
backport of the security fix for this vulnerability.
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/