PublicDate: 2008-04-01 17:44:00 UTC
Candidate: CVE-2008-1612
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1612
 https://ubuntu.com/security/notices/USN-601-1
Description:
 The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows
 attackers to cause a denial of service (process exit) via unknown vectors
 that cause an array to shrink to 0 entries, which triggers an assert error.
  NOTE: this issue is due to an incorrect fix for CVE-2007-6239.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: jdstrand
CVSS: 

Patches_squid:
 other: http://www.squid-cache.org/Versions/v2/2.6/changesets/11882.patch
upstream_squid: released (2.6.18-1)
dapper_squid: released (2.5.12-4ubuntu2.4)
edgy_squid: released (2.6.1-3ubuntu1.7)
feisty_squid: released (2.6.5-4ubuntu2.2)
gutsy_squid: released (2.6.14-1ubuntu2.2)
devel_squid: not-affected (2.6.18-1ubuntu3)