a7f27b2d10
Bump PKGREVISION. Introduction: ============= This patch fixes one buffer overflow problem in sgLog.c when overlong URLs are requested. SquidGuard will then go into emergency mode were no blocking occurs. This is not required in this situation. The URLs must be build with a overlong sequence of slashes (/). ATTENTION: While squidGuard will no longer go into emergeny mode when one overlong URL is passed to it, it is possible to use the overlong URL to bypass the filter. This vulnerability is not fixed by this patch! You can check if this vulnerability is actually exploited on your system by checking the logfile squidGuard.log for the following warning (provided you have not used the option --with-nolog=yes with configure before compiling squidguard): Warning: Possible bypass attempt. Found multiple slashes where only one is expected: |
||
|---|---|---|
| .. | ||
| patches | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| MESSAGE | ||
| PLIST | ||