English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Ubuntu update for squid-cgi


Secunia ID

SA52024

CVE-ID

CVE-2012-5643, CVE-2013-0189

Release Date

31 Jan 2013

Criticality

Less Critical

Solution Status

Vendor Patch

Where

From remote

Impact
DoS (Denial of Service)

This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.

Description

Ubuntu has issued an update for squid-cgi. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

For more information:
SA51545

Solution

Apply updated packages.

-- Ubuntu 12.04 LTS --
https://launchpad.net/ubuntu/+source/squid3/3.1.19-1ubuntu3.12.04.2

-- Ubuntu 11.10 --
https://launchpad.net/ubuntu/+source/squid3/3.1.14-1ubuntu0.3

-- Ubuntu 10.04 LTS --
https://launchpad.net/ubuntu/+source/squid/2.7.STABLE7-1ubuntu12.6

Original Advisory

USN-1713-1:
http://www.ubuntu.com/usn/usn-1713-1/