Date: Thu, 25 Jan 2001 17:50:24 +0100
From: Martin Schulze firstname.lastname@example.org
To: Debian Security Announcements
Subject: [SECURITY] [DSA 019-1] New version of squid released
Package : squid
Vulnerability : insecure tempfile hole
WireX discovered a potential temporary file race condition in the
way that squid sends out email messages notifying the administrator
about updating the program. This could lead to arbitrary files to
get overwritten. However the code would only be executed if running
a very bleeding edge release of squid, running a server whose time
is set some number of months in the past and squid is crashing.
Read it as hardly to exploit. This version also containes more
upstream bugfixes wrt. dots in hostnames and unproper HTML quoting.
We recommend you upgrade your squid package..
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 2.2 alias potato
Potato was released for the alpha, arm, i386, m68k, powerpc and
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.