New squid packages are available that fix a potential DoS in Squid's FTP handling code. It is recommened that squid users update to the fixed packages. The packages for Red Hat Linux 6.2 also fix the problem described in RHSA-2001:097-04; it was later discovered that Red Hat Linux 6.2 is vulnerable to the same problem in accelerator-only mode. 2001-10-22: Packages are now available for Red Hat Linux 7.2.
Certain FTP requests could cause the Squid daemon to abort, making it unavailable for a period of seconds. If enough of these requests are sent in a short period of time, the Squid daemon will not be restarted. Thanks go to Vladimir Ivaschenko for bringing this to our attention, and to Henrik Nordstrom and the Squid team for providing a fix.