CVE-2010-0308 in Ubuntu

CVE-2010-0308

Priority

Description

lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through
3.1.0.15 allows remote attackers to cause a denial of service (assertion
failure) via a crafted DNS packet that only contains a header.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0308
http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
https://ubuntu.com/security/notices/USN-901-1

Notes

Package

Source: squid (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 22.04 LTS (Jammy Jellyfish):	DNE

Patches:

Upstream:

http://www.squid-cache.org/Versions/v2/HEAD/changesets/12597.patch

Package

Source: squid3 (LP Ubuntu Debian)

Upstream:	released (3.1.6-1.1)
Ubuntu 22.04 LTS (Jammy Jellyfish):	not-affected (3.1.6-1.1ubuntu1)

Patches:

Upstream:	http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9163.patch
Upstream:	http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-9853.patch

More Information

Updated: 2022-02-10 23:40:54 UTC (commit acb3d89ab51f1d5e5543fa993969c0eb13c71f04)