Red Hat Product Errata RHSA-2011:0545 - Security Advisory
Issued:
2011-05-19
Updated:
2011-05-19

RHSA-2011:0545 - Security Advisory

Synopsis

Low: squid security and bug fix update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An updated squid package that fixes one security issue and two bugs is now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

Squid is a high-performance proxy caching server for web clients,
supporting FTP, Gopher, and HTTP data objects.

It was found that string comparison functions in Squid did not properly
handle the comparisons of NULL and empty strings. A remote, trusted web
client could use this flaw to cause the squid daemon to crash via a
specially-crafted request. (CVE-2010-3072)

This update also fixes the following bugs:

  • A small memory leak in Squid caused multiple "ctx: enter level" messages

to be logged to "/var/log/squid/cache.log". This update resolves the memory
leak. (BZ#666533)

  • This erratum upgrades Squid to upstream version 3.1.10. This upgraded

version supports the Google Instant service and introduces various code
improvements. (BZ#639365)

Users of squid should upgrade to this updated package, which resolves these
issues. After installing this update, the squid service will be restarted
automatically.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux Server from RHUI 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x

Fixes

  • BZ - 630444 - CVE-2010-3072 Squid: Denial of service due internal error in string handling (SQUID-2010:3)
  • BZ - 639365 - Rebase squid to version 3.1.10
  • BZ - 666533 - small memleak in squid-3.1.4

Red Hat Enterprise Linux Server 6

SRPM
squid-3.1.10-1.el6.src.rpm SHA-256: ccd3d65cbc47c56fde480ded799648329a97be57aa1b9b2272de4158dd636f99
x86_64
squid-3.1.10-1.el6.x86_64.rpm SHA-256: af3bfdaca46ca4ecf606127af885ecc297774da995825acd4a67e48a55d2f5ac
squid-3.1.10-1.el6.x86_64.rpm SHA-256: af3bfdaca46ca4ecf606127af885ecc297774da995825acd4a67e48a55d2f5ac
squid-debuginfo-3.1.10-1.el6.x86_64.rpm SHA-256: 8690cdcc126c6e99bea2e62e878f5982506976faa6a0f6b1d13fcd7e62435036
squid-debuginfo-3.1.10-1.el6.x86_64.rpm SHA-256: 8690cdcc126c6e99bea2e62e878f5982506976faa6a0f6b1d13fcd7e62435036
i386
squid-3.1.10-1.el6.i686.rpm SHA-256: 6531078e1aa1da2150908eaf199ddf878a4e739faf1c1673f5f7b16cebde5239
squid-debuginfo-3.1.10-1.el6.i686.rpm SHA-256: 7dc284d00d331a83df73966969003f6866c99e3aac0d42055bc379de92acd617

Red Hat Enterprise Linux Server from RHUI 6

SRPM
squid-3.1.10-1.el6.src.rpm SHA-256: ccd3d65cbc47c56fde480ded799648329a97be57aa1b9b2272de4158dd636f99
x86_64
squid-3.1.10-1.el6.x86_64.rpm SHA-256: af3bfdaca46ca4ecf606127af885ecc297774da995825acd4a67e48a55d2f5ac
squid-debuginfo-3.1.10-1.el6.x86_64.rpm SHA-256: 8690cdcc126c6e99bea2e62e878f5982506976faa6a0f6b1d13fcd7e62435036
i386
squid-3.1.10-1.el6.i686.rpm SHA-256: 6531078e1aa1da2150908eaf199ddf878a4e739faf1c1673f5f7b16cebde5239
squid-debuginfo-3.1.10-1.el6.i686.rpm SHA-256: 7dc284d00d331a83df73966969003f6866c99e3aac0d42055bc379de92acd617

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
squid-3.1.10-1.el6.src.rpm SHA-256: ccd3d65cbc47c56fde480ded799648329a97be57aa1b9b2272de4158dd636f99
x86_64
squid-3.1.10-1.el6.x86_64.rpm SHA-256: af3bfdaca46ca4ecf606127af885ecc297774da995825acd4a67e48a55d2f5ac
squid-debuginfo-3.1.10-1.el6.x86_64.rpm SHA-256: 8690cdcc126c6e99bea2e62e878f5982506976faa6a0f6b1d13fcd7e62435036
i386
squid-3.1.10-1.el6.i686.rpm SHA-256: 6531078e1aa1da2150908eaf199ddf878a4e739faf1c1673f5f7b16cebde5239
squid-debuginfo-3.1.10-1.el6.i686.rpm SHA-256: 7dc284d00d331a83df73966969003f6866c99e3aac0d42055bc379de92acd617

Red Hat Enterprise Linux Workstation 6

SRPM
squid-3.1.10-1.el6.src.rpm SHA-256: ccd3d65cbc47c56fde480ded799648329a97be57aa1b9b2272de4158dd636f99
x86_64
squid-3.1.10-1.el6.x86_64.rpm SHA-256: af3bfdaca46ca4ecf606127af885ecc297774da995825acd4a67e48a55d2f5ac
squid-debuginfo-3.1.10-1.el6.x86_64.rpm SHA-256: 8690cdcc126c6e99bea2e62e878f5982506976faa6a0f6b1d13fcd7e62435036
i386
squid-3.1.10-1.el6.i686.rpm SHA-256: 6531078e1aa1da2150908eaf199ddf878a4e739faf1c1673f5f7b16cebde5239
squid-debuginfo-3.1.10-1.el6.i686.rpm SHA-256: 7dc284d00d331a83df73966969003f6866c99e3aac0d42055bc379de92acd617

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
squid-3.1.10-1.el6.src.rpm SHA-256: ccd3d65cbc47c56fde480ded799648329a97be57aa1b9b2272de4158dd636f99
s390x
squid-3.1.10-1.el6.s390x.rpm SHA-256: 10313eab2ce332ba4da16208cb3f5d0210860688222df80983a009f3ed9e90e1
squid-debuginfo-3.1.10-1.el6.s390x.rpm SHA-256: 84447392b97bb24908fe8eda3e12271df34b97e250ffbc2c3434042a99dfb9e2

Red Hat Enterprise Linux for Power, big endian 6

SRPM
squid-3.1.10-1.el6.src.rpm SHA-256: ccd3d65cbc47c56fde480ded799648329a97be57aa1b9b2272de4158dd636f99
ppc64
squid-3.1.10-1.el6.ppc64.rpm SHA-256: a36ba4bc2d37e4cc193363c9e4b42999d4f39472e8df0fc75fbc78f416243bab
squid-debuginfo-3.1.10-1.el6.ppc64.rpm SHA-256: 57fb3d4479f2ad7df43b85f9c5078d3d0f2c6622be62e715e69342baaee77cad

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM
squid-3.1.10-1.el6.src.rpm SHA-256: ccd3d65cbc47c56fde480ded799648329a97be57aa1b9b2272de4158dd636f99
s390x
squid-3.1.10-1.el6.s390x.rpm SHA-256: 10313eab2ce332ba4da16208cb3f5d0210860688222df80983a009f3ed9e90e1
squid-debuginfo-3.1.10-1.el6.s390x.rpm SHA-256: 84447392b97bb24908fe8eda3e12271df34b97e250ffbc2c3434042a99dfb9e2

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6

SRPM
squid-3.1.10-1.el6.src.rpm SHA-256: ccd3d65cbc47c56fde480ded799648329a97be57aa1b9b2272de4158dd636f99
x86_64
squid-3.1.10-1.el6.x86_64.rpm SHA-256: af3bfdaca46ca4ecf606127af885ecc297774da995825acd4a67e48a55d2f5ac
squid-debuginfo-3.1.10-1.el6.x86_64.rpm SHA-256: 8690cdcc126c6e99bea2e62e878f5982506976faa6a0f6b1d13fcd7e62435036
i386
squid-3.1.10-1.el6.i686.rpm SHA-256: 6531078e1aa1da2150908eaf199ddf878a4e739faf1c1673f5f7b16cebde5239
squid-debuginfo-3.1.10-1.el6.i686.rpm SHA-256: 7dc284d00d331a83df73966969003f6866c99e3aac0d42055bc379de92acd617

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6

SRPM
squid-3.1.10-1.el6.src.rpm SHA-256: ccd3d65cbc47c56fde480ded799648329a97be57aa1b9b2272de4158dd636f99
s390x
squid-3.1.10-1.el6.s390x.rpm SHA-256: 10313eab2ce332ba4da16208cb3f5d0210860688222df80983a009f3ed9e90e1
squid-debuginfo-3.1.10-1.el6.s390x.rpm SHA-256: 84447392b97bb24908fe8eda3e12271df34b97e250ffbc2c3434042a99dfb9e2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.