Mandriva issued this advisory on December 27: http://lists.mandriva.com/security-announce/2011-12/msg00024.php
Hi, thanks for reporting this bug. Assigned to the package maintainer. (Please set the status to 'assigned' if you are working on it)
Keywords: (none) => TriagedAssignee: bugsquad => dlucio
pushed in the BS
CC: (none) => dmorganecAssignee: dlucio => qa-bugs
Tested successfully on i586.
Also testing on i586. Before installing the update, trying to load http://l15.sphotos.l3.fbcdn.net/ gets an error connecting to the http proxy, with the message squid[6073]: Squid Parent: child process 6076 exited due to signal 6 with status 0 showing up in syslog. After installing the update, squid returns a page with the message "The requested URL could not be retrieved". Looks good.
CC: (none) => davidwhodgins
Tested complete on Mageia release 1 (Official) for x86_64 with the testing procedure of comment 4 ,for me it's good too,work well.
CC: (none) => geiger.david68210
Validating the update Advisory ----------------- This security update for Squid corrects the following vulnerability http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4096 The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record. https://bugs.mageia.org/show_bug.cgi?id=3959 ------------------- SRPM: squid-3.1.15-1.3.mga1 Could sysadmin please push from core/updates_testing to core/updates Thankyou!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsHardware: i586 => All
update pushed
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED