Mandrake Security Advisory MDVSA-2009:241 (squid)

Summary
The remote host is missing an update to squid announced via advisory MDVSA-2009:241.
Solution
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:241
Insight
A vulnerability was discovered and corrected in squid: The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function (CVE-2009-2855). This update provides a solution to this vulnerability. Affected: Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0