Unless they patched it themselves...... who knows?
But 2.5.s5 includes additional NTLM fixes: http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE5-RELEASENOTES.html
and 2.5.s4 does have some patches for NTLM: http://www.squid-cache.org/Versions/v2/2.5/bugs/#STABLE4
My suggestion: Install from source, the package maintainers are not always on the ball.
ed
On Thu, 17 Jun 2004, Ow Mun Heng wrote:
Hi, I'm just looking at this.. and I'm wondering how is it that I can determine whether the package I'm using is affected.
Any rpm command I can use? I'm using squid-2.5-stable4 from linux-kernel.at
RHSA-2004:242-06 - Updated squid package fixes security vulnerability
Advisory: RHSA-2004:242-06 Last updated on: 2004-06-09 Affected Products: Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 3) CVEs (cve.mitre.org): CAN-2004-0541 ...
http://www.zone-h.org/en/advisories/read/id=4797/ --
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
Security on the internet is impossible without strong, open, and unhindered encryption.
