-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/07/2013 05:37 PM, Amos Jeffries wrote: > On 6/03/2013 9:53 a.m., tytusromekiatomek@xxxxxxxxxxxx wrote: >> ################################################################ >> # DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc # >> ################################################################ >> # # Authors: # # 22733db72ab3ed94b5f8a1ffcde850251fe6f466 # >> c8e74ebd8392fda4788179f9a02bb49337638e7b # AKAT-1 # >> ####################################### >> >> # Versions: 3.2.5, 3.2.7 > > Thank you very much for reporting this to us upstream and ensuring > a patch was available before publishing it publicly *cough*. This > has now been fixed. > > Would you care to do better on the other ones before someone else > has a chance to mail your exploit to our bugs@ address and grab all > the discovery glory? > > Amos Jeffries Squid Project Please use CVE-2013-1839 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRPjyAAAoJEBYNRVNeJnmT2akP/3a8sbpYdGYNcRfh1diMh8d9 vXgTIWuCucln7xICDoav+qBJkVwXiRIQSaGlRtA56MdkIJBYj53gSrAOOsr2vOhq v8jmc65qQFH/fzt93Q0h/yF7ozY9IYY37frVMUmJeKs+JRsrkWSDvqpiiOgdmJON LW7YmW0lkt+p/ye14BMq072zsUikgz8oU4oJhJvbZR1o2El1LSzTj3EbCIxbwbYg dHAzPWKiujytkB6pziiU8OFowqhcOksEu/Qod8mMVFgG8L56bjkAhL5BVHdP2uY9 JFHhPXi5P0XYQ04/975wG2qOZt56W7p9Hp7ji6SRiWC8wZhVe7FFoFk/y3DC3gdY ICh3BjtX7rh1hm1BYnf6gE8cC8KZFkpmO+Fltp2blbpd5IGDP64IdZ5Tj5elFI27 CuvWJ8oY2vHHJ1+NmXRzSWrWkuSaRzSmcvItlOillP8qAXIYvTT8NY6rHbahkM/5 mCuFo12yhUXVl31ilo0E8Y00mrgI2psDUfHv/Q+FNkRylMykhzpii+/XjW6llHDJ GM4XN+H4oLF3TEZ+3mPEBoQl5c0Vc8p0yk3x5tM/MhuRQ68X173+tsjmg4QtxLiv 1LGYVtNphMsdwprWC01ci/xeh0kfHX4liK/9NY7aS3evScku94jGwHn9X+oVejOT XXkwifp3W+pf9AO5b8la =NngW -----END PGP SIGNATURE-----
