Candidate: CVE-2011-4096
PublicDate: 2011-11-17 19:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4096
Description:
 The idnsGrokReply function in Squid before 3.1.16 does not properly free
 memory, which allows remote attackers to cause a denial of service (daemon
 abort) via a DNS reply containing a CNAME record that references another
 CNAME record that contains an empty A record.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_squid3:
 vendor: https://rhn.redhat.com/errata/RHSA-2011-1791.html
 vendor: http://www.debian.org/security/2012/dsa-2381
upstream_squid3: released (3.1.16-1)
hardy_squid3: not-affected (code not present)
lucid_squid3: not-affected (code not present)
maverick_squid3: released (3.1.6-1.1ubuntu1.2)
natty_squid3: released (3.1.11-1ubuntu0.1)
oneiric_squid3: released (3.1.14-1ubuntu0.1)
devel_squid3: not-affected (3.1.16-1ubuntu1)