Re: [squid-users] SECURITY ALERT: Host: header forgery detected with today's BZR checkout

From: Ralf Hildebrandt <Ralf.Hildebrandt_at_charite.de>
Date: Tue, 16 Aug 2011 10:37:47 +0200

* Amos Jeffries <squid3_at_treenet.co.nz>:
> On 15/08/11 23:52, Ralf Hildebrandt wrote:
> >With today's BZR checkout (3.2-HEAD) I'm getting a lot of "SECURITY
> >ALERT: Host: header forgery detected" with everyday requests:
> >
> >2011/08/15 13:50:59.016| SECURITY ALERT: Host: header forgery detected from local=141.42.1.205:8080 remote=10.43.65.227:3266 FD 1312 flags=1 (amsprd0104.outlook.com:443 does not match amsprd0104.outlook.com)
>
> We now forcibly detect CVE-2009-0801 vulnerability abuse. A few cases
> have been found missing from the detection. Please apply these two
> patches in this order:
>
>
> http://www.squid-cache.org/Versions/v3/3.HEAD/changesets/squid-3-11647.patch
> http://www.squid-cache.org/Versions/v3/3.HEAD/changesets/squid-3-11649.patch

I tried to apply them both but:

# patch -p1 < ../squid-3-11647.patch
patching file ClientRequestContext.h
Hunk #1 FAILED at 27.
1 out of 1 hunk FAILED -- saving rejects to file ClientRequestContext.h.rej
patching file client_side_request.cc
Hunk #1 FAILED at 546.
Hunk #2 FAILED at 620.
Hunk #3 FAILED at 638.
3 out of 3 hunks FAILED -- saving rejects to file client_side_request.cc.rej

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebrandt@charite.de | http://www.charite.de
	    
Received on Tue Aug 16 2011 - 08:37:59 MDT
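
A triage helper for alerts of the form quoted in the message above, as an added example that is not part of the original post or of Squid's code: it parses each "Host: header forgery detected" line and separates alerts whose two values differ only by an explicit port (the shape of the outlook.com alert) from those naming different hosts. The names `classify`, `split_authority` and `DEFAULT_PORTS` are hypothetical, treating 80 and 443 as implicit ports is an assumption, and every sample line except the first is constructed.

```python
import re

# Tail of the alert as it appears in cache.log:
# "... remote=<client> ... (<left> does not match <right>)"
ALERT_RE = re.compile(
    r"SECURITY ALERT: Host: header forgery detected from .*"
    r"remote=(?P<client>\S+) .*"
    r"\((?P<left>\S+) does not match (?P<right>\S+)\)\s*$"
)
DEFAULT_PORTS = {"80", "443"}  # assumption: ports treated as implicit

def split_authority(value):
    """Split host[:port]; handles bracketed IPv6, lowercases the host."""
    if value.startswith("["):
        host, _, rest = value[1:].partition("]")
        port = rest[1:] if rest.startswith(":") else ""
    elif value.count(":") == 1:
        host, port = value.split(":")
    else:
        host, port = value, ""
    return host.lower().rstrip("."), port

def classify(line):
    """Return None for non-alert lines, else (client, verdict)."""
    m = ALERT_RE.search(line)
    if not m:
        return None
    lhost, lport = split_authority(m["left"])
    rhost, rport = split_authority(m["right"])
    if lhost != rhost:
        verdict = "host-mismatch"
    elif lport == rport:
        verdict = "identical"
    elif "" in (lport, rport) and (lport or rport) in DEFAULT_PORTS:
        verdict = "port-only"
    else:
        verdict = "port-mismatch"
    return m["client"], verdict

# First line is the one quoted in the message; the rest are constructed.
SAMPLE_LOG = [
    "2011/08/15 13:50:59.016| SECURITY ALERT: Host: header forgery detected from local=141.42.1.205:8080 remote=10.43.65.227:3266 FD 1312 flags=1 (amsprd0104.outlook.com:443 does not match amsprd0104.outlook.com)",
    "2011/08/15 13:51:02.100| SECURITY ALERT: Host: header forgery detected from local=192.0.2.1:8080 remote=192.0.2.50:4000 FD 20 flags=1 (example.org:443 does not match example.net)",
    "2011/08/15 13:51:03.000| some unrelated cache.log line",
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(classify(entry))
```

A "port-only" verdict marks an alert for review; it does not by itself establish that the request was legitimate.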
