Takahiro Kambe wrote:
Hi, In message <49897042.7070908@xxxxxxxxxxxxx> on Wed, 04 Feb 2009 23:38:58 +1300, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:__________________________________________________________________ Squid Proxy Cache Security Update Advisory SQUID-2009:1 __________________________________________________________________ Advisory ID: SQUID-2009:1 Date: February 02, 2009 Summary: Denial of service in request processing Affected versions: Squid 2.7 -> 2.7.STABLE5, Squid 3.0 -> 3.0.STABLE12, Squid 3.1 -> 3.1.0.4What about older releases, 2.6.STABLE22? I don't request fix the older release but want to know it is affected or not.
2.6 and 2.5 are immune to the denial of service effects against themselves. They are still open to relaying bad requests from their legit clients, so upgrade is desirable at the admin discretion.
Amos -- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13 Current Beta Squid 3.1.0.5
