Two denial of service vulnerabilities have been discovered in squid and squid3, a web proxy. The Common Vulnerabilities and Exposures project identifies the following problems:
Bastian Blank discovered that it is possible to cause a denial of service via a crafted auth header with certain comma delimiters.
Tomas Hoger discovered that it is possible to cause a denial of service via invalid DNS header-only packets.
For the stable distribution (lenny), these problems have been fixed in version 2.7.STABLE3-4.1lenny1 of the squid package and version 3.0.STABLE8-3+lenny3 of the squid3 package.
For the oldstable distribution (etch), these problems have been fixed in version 2.6.5-6etch5 of the squid package and version 3.0.PRE5-5+etch2 of the squid3 package.
For the testing distribution (squeeze) and the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your squid/squid3 packages.