Hello All,
For the bug called "Squid clientAbortBody() Denial
of Service
Vulnerability", I saw the following patch for this
bug.
--- squid-2.5.STABLE5/src/client_side.c.orig Mon
May 10 11:14:33 2004
+++ squid-2.5.STABLE5/src/client_side.c Mon May 10
11:14:50 2004
@@ -3282,7 +3282,7 @@
CBCB *callback;
void *cbdata;
int valid;
- if (!conn->body.callback || conn->body.request
!= request)
+ if (conn == NULL || !conn->body.callback ||
conn->body.request !=
request)
return;
buf = conn->body.buf;
callback = conn->body.callback;
However, I saw the solution as below for this bug.
SOLUTION:
A patch has been applied to version
2.5.STABLE5 and 2.5.STABLE6.
However, it may reportedly only address the issue
partially.
Is this partially fix OR this bug partially reported?
What is the correct solution for this bug?
I am using Squid version 2.5.STABLE6.
Thanks,
Durai.
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.760 / Virus Database: 509 - Release Date: 9/10/2004 __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.comReceived on Sun Sep 19 2004 - 22:32:49 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT