Red Hat Bugzilla – Bug 222883
CVE-2007-0247 Squid crashes when receiving certain FTP listings
Last modified: 2007-11-30 17:11:53 EST
Description of problem:
Visiting this  URL makes Squid die upon receival of SIGSEGV Signal.
Version-Release number of selected component (if applicable):
Seems to be introduced with 2.5.STABLE11, so does affect
Fedora 5 and 6 and RHEL 5.
Fixed in 2.6.STABLE11.
See the upstream bug report  for patch.
Created attachment 145712 [details]
Upstream patch for Squid FTP triggered DoS #1857
fixed in squid-2.6.STABLE7-1.fc6
squid-2.5.STABLE14-3.FC5 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
I've not seen the fc6 update for this. Are you planning to wait before pushing it?