-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Squid HTTP Proxy team is very pleased to announce the availability of the Squid-3.4.8 release! This release is a security release resolving several vulnerability issues found in the prior Squid releases. The major changes to be aware of: * CVE-2014-6270 : SQUID-2014:3 Buffer overflow in SNMP processing http://www.squid-cache.org/Advisories/SQUID-2014_3.txt This vulnerability allows any client who is allowed to send SNMP packets to the proxy to perform a denial of service attack on Squid. The issue came to light as the result of active 0-day attacks. Since publication several other attack sightings have been reported. * CVE-2014-7141 and CVE-2014-7142 : SQUID-2014:4 http://www.squid-cache.org/Advisories/SQUID-2014_4.txt These vulnerabilities allow a remote attack server to trigger DoS or information leakage by sending various malformed ICMP and ICMPv6 packets to the Squid pinger helper. The worst-case DoS scenario is a rarity, a more common impact will be general service degradation for high-performance systems relying on the pinger for realtime network measurement. All users of Squid are urged to upgrade to this release as soon as possible. See the ChangeLog for the full list of changes in this and earlier releases. Please refer to the release notes at http://www.squid-cache.org/Versions/v3/3.4/RELEASENOTES.html when you are ready to make the switch to Squid-3.4 Upgrade tip: "squid -k parse" is starting to display even more useful hints about squid.conf changes. This new release can be downloaded from our HTTP or FTP servers http://www.squid-cache.org/Versions/v3/3.4/ ftp://ftp.squid-cache.org/pub/squid/ ftp://ftp.squid-cache.org/pub/archive/3.4/ or the mirrors. For a list of mirror sites see http://www.squid-cache.org/Download/http-mirrors.html http://www.squid-cache.org/Download/mirrors.html If you encounter any issues with this release please file a bug report. http://bugs.squid-cache.org/ Amos Jeffries -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJULRYCAAoJELJo5wb/XPRjvlAH/RX9L3EZn4PKJlUnkrx5XZ4e cnjnS//yU7CD0w1epYxlHsrxoEBuQ4QrBO00+85inGLM1ucA9znjz408Y/e64fAU kyYGHrDyW+iHouY97+CJSoP1rXtBBlaGgcUDm1WS6UXkKBFQWtguhST2hPa68QVr 297uxVyE5y4mObD4Ch9AY20geBbTBd6Eorq+NYd5XePlfZzRtoaE3aE30h144hQd JIgTifDnyH1Kwrez4k+hX/qdYtEW/r6P7YXLJk7QPMEv0Jg9eMHiS64+eYvAh6Yb DueYIu1rps3tMhndOB87v40D0KPXoDWTPOLMkrIIUSOtbTT8FNUjyk1+KpxPwIc= =Qop2 -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
