On 24/02/2016 5:37 a.m., William Lima wrote: > Hi all, > > It's easy to make a DoS. The reply (and cause) of the problem of the mentioned link: >
William; Please do not do that again. The squid-bugs mailing list is for (private) discussion of security related issues like attack PoC. This attack vector (and several others) were already known and intended to be under embargo until the end of day today. Our devs receiving the security bugs list have been made aware of the vulnerability some days ago and been working hard at a fix all week. The problem does go a long way beyond this simple attack and it can take a while to check that the fix is complete and working. Luckily I am already working through the release process for 4.0 and 3.5. The formal tarballs will be available in 2-6 hrs. And the advisory and release announcements later today. Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
