Amazon Linux 1 Security Advisory: ALAS-2014-360
Advisory Release Date: 2014-06-15 16:22 Pacific
Advisory Updated Date: 2014-09-19 10:24 Pacific
A denial of service flaw was found in the way Squid processed certain HTTPS requests when the SSL Bump feature was enabled. A remote attacker could send specially crafted requests that could cause Squid to crash. (CVE-2014-0128)
Affected Packages:
squid
Issue Correction:
Run yum update squid to update your system.
i686:
squid-debuginfo-3.1.10-20.15.amzn1.i686
squid-3.1.10-20.15.amzn1.i686
src:
squid-3.1.10-20.15.amzn1.src
x86_64:
squid-3.1.10-20.15.amzn1.x86_64
squid-debuginfo-3.1.10-20.15.amzn1.x86_64