2010-2951 is not relevant to the Lucid package (3.0 series) which does not attempt DNS over IPv6.
2010-3072 correct patch for Lucid package version as referenced by the upstream advisory can be found at http://www.squid- cache.org/Versions/v3/3.0/changesets/squid-3.0-9189.patch Also, Please consider 3.1.10 package (now in Natty) for back-porting as a whole to Maverick. There are a great deal of related stability fixes over 3.1.6 which the user base require to prevent indirect problems even if the direct attack vulnerability is fixed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/718127 Title: CVE-2010-2951 and CVE-2010-3072 still exists in Lucid and CVE-2010-2951 still exists in maverick -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
