USN-93-1: Squid vulnerability
8 March 2005
squid vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 4.10
Software Description
Details
A race condition was discovered in the handling of “Set-Cookie” headers. If the obsolete Netscape recommendation was used for handling cookies in the cache, it was possible for an attacker to steal the cookies of other users.
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 4.10
- squid
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.