USN-2921-1: Squid vulnerabilities

07 March 2016

Several security issues were fixed in Squid.

Releases

Packages

squid3 - Web proxy cache server

Details

Sebastian Krahmer discovered that Squid incorrectly handled certain SNMP
requests. If SNMP is enabled, a remote attacker could use this issue to
cause Squid to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2014-6270)

Alex Rousskov discovered that Squid incorrectly handled certain malformed
responses. A remote attacker could possibly use this issue to cause Squid
to crash, resulting in a denial of service. (CVE-2016-2571)

Update instructions

The problem can be corrected by updating your system to the following package versions:

In general, a standard system update will make all the necessary changes.

References

Related notices

USN-3557-1: squid3

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

USN-2921-1: Squid vulnerabilities

Releases

Packages

Details

Update instructions

Ubuntu 15.10

Ubuntu 14.04

Ubuntu 12.04

References

Related notices

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading