#use wml::debian::translation-check translation="1.2" maintainer=""
#pddp arteek

<define-tag description>ACL bypass</define-tag>
<define-tag moreinfo>
<p>A vulnerability was discovered in squid, an Internet object cache,
whereby access control lists based on URLs could be bypassed
(<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0189">CAN-2004-0189</a>).  Two other bugs were also fixed with patches
squid-2.4.STABLE7-url_escape.patch (a buffer overrun which does not
appear to be exploitable) and squid-2.4.STABLE7-url_port.patch (a
potential denial of service).</p>

<p>For the stable distribution (woody) these problems have been fixed in
version 2.4.6-2woody2.</p>

<p>For the unstable distribution (sid) these problems have been fixed in
version 2.5.5-1.</p>

<p>We recommend that you update your squid package.</p>
</define-tag>

# do not modify the following line
#include "$(ENGLISHDIR)/security/2004/dsa-474.data"