* Amos Jeffries <squid3_at_treenet.co.nz>:
> On 15/08/11 23:52, Ralf Hildebrandt wrote:
> >With today's BZR checkout (3.2-HEAD) I'm getting a lot of "SECURITY
> >ALERT: Host: header forgery detected" with everyday requests:
> >
> >2011/08/15 13:50:59.016| SECURITY ALERT: Host: header forgery detected from local=141.42.1.205:8080 remote=10.43.65.227:3266 FD 1312 flags=1 (amsprd0104.outlook.com:443 does not match amsprd0104.outlook.com)
>
> We now forcibly detect CVE-2009-0801 vulnerability abuse. A few cases
> have been found missing from the detection. Please apply these two
> patches in this order:
>
>
> http://www.squid-cache.org/Versions/v3/3.HEAD/changesets/squid-3-11647.patch
> http://www.squid-cache.org/Versions/v3/3.HEAD/changesets/squid-3-11649.patch
I tried to apply them both but:
# patch -p1 < ../squid-3-11647.patch
patching file ClientRequestContext.h
Hunk #1 FAILED at 27.
1 out of 1 hunk FAILED -- saving rejects to file ClientRequestContext.h.rej
patching file client_side_request.cc
Hunk #1 FAILED at 546.
Hunk #2 FAILED at 620.
Hunk #3 FAILED at 638.
3 out of 3 hunks FAILED -- saving rejects to file client_side_request.cc.rej
-- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt@charite.de | http://www.charite.deReceived on Tue Aug 16 2011 - 08:37:59 MDT
This archive was generated by hypermail 2.2.0 : Tue Aug 16 2011 - 12:00:02 MDT