From: Eridani Star System <linux@eridani.co.uk> To: eridani-announce@eridani.co.uk Subject: [Eridani-Announce] Updates to squid and php Date: Tue, 5 Mar 2002 08:20:59 +0000 (GMT) New updates to Eridani Linux 6.3: squid: This addresses a few bugs in versions prior to 2.4.STABLE3, specifically: Memory leak in SNMP code Specially formatted data in FTP URLs could crash it Disabling HTCP in the config file wouldn't work It is recommended all Squid users update their systems to the fixed packages. Note that SNMP support is now disabled by default; change the 'snmp_port' option in the config file to enable it, the default port is 3401. php: Vulnerable to multiple boundary check flaws, many of which were easy to exploit. cve.mitre.org has this logged as CAN-2002-0081. These updates are available from our FTP site at http://ftp.eridani.co.uk or ftp://ftp.eridani.co.uk/pub/Aeryn as source and i386 RPMs. Users of Eridani Linux releases prior to 6.3 should download the source RPMs and recompile on their platforms. MD5 checksums: f2e292eb4fdabaf3b9e65ff79b670056 squid-2.4.STABLE3-2.src.rpm d1da58ce4b1939a4ebd4512ded5f5590 squid-2.4.STABLE3-2.i386.rpm a4f7e8f4abf998b913e8ae1f4910dae7 php-4.0.6-10.src.rpm 6f933c051046655ec3c2e145f6fecaca php-4.0.6-10.i386.rpm 03aa5a47041503375015e0090bd7fc96 php-devel-4.0.6-10.i386.rpm 4decec8405ce9d8e719681816790ef16 php-imap-4.0.6-10.i386.rpm 7da20651f494a3904576466c0d495d50 php-ldap-4.0.6-10.i386.rpm 36c4eea710df5eeb974b02cff5576120 php-manual-4.0.6-10.i386.rpm 9cc33296a0443c2023a6087e85bc164f php-mysql-4.0.6-10.i386.rpm 3b8baf56c8951ae80577b922b54d483d php-pgsql-4.0.6-10.i386.rpm -- Michael "Soruk" McConnell [Eridani Linux 6.3 Now!] Eridani Linux -- The Most Up-to-Date Red Hat-based Linux CDROMs Available Email: linux@eridani.co.uk -- Also Debian, Slackware, Mandrake and more... _______________________________________________ Eridani-Announce mailing list To be removed from this list email linux@eridani.co.uk requesting removal.