[openSUSE-SU-2019:2541-1] Security update for squid
Severity
Important
Affected Packages
1
CVEs
12
Security update for squid
This update for squid to version 4.9 fixes the following issues:
Security issues fixed:
- CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738).
- CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326).
- CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329).
- CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328).
- CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323).
- CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324).
Other issues addressed:
- Fixed DNS failures when peer name was configured with any upper case characters
- Fixed several rock cache_dir corruption issues
This update was imported from the SUSE:SLE-15:Update update project.
Package | Affected Version |
---|---|
pkg:rpm/opensuse/squid?arch=x86_64&distro=opensuse-leap-15.1 | < 4.9-lp151.2.7.1 |
- ID
- openSUSE-SU-2019:2541-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2PLGSQEPKZX62EREA7UHDNEMHR3Z23A6/#2PLGSQEPKZX62EREA7UHDNEMHR3Z23A6
- Published
-
2019-11-21T13:26:12
(4 years ago) - Modified
-
2019-11-21T13:26:12
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2020-1378
- ALAS-2020-1386
- ALAS-2023-1757
- ALAS-2023-1774
- ALAS2-2020-1448
- ALAS2-2020-1486
- ALAS2-2023-2065
- ALAS2-2023-2081
- ALAS2-2023-2318
- ALPINE:CVE-2019-12525
- ALPINE:CVE-2019-12529
- ALPINE:CVE-2019-13345
- ALPINE:CVE-2019-18679
- ALSA-2019:2593
- ALSA-2019:3476
- ALSA-2020:2041
- ALSA-2020:4743
- ASA-201907-5
- ASA-201911-8
- DSA-4507-1
- DSA-4682-1
- ELSA-2019-2593
- ELSA-2020-1068
- ELSA-2020-2040
- ELSA-2020-2041
- ELSA-2022-22254
- FEDORA-2019-0b16cbdd0e
- FEDORA-2019-9538783033
- FEDORA-2019-c1e06901bc
- FEDORA-2019-cb50bcc189
- FREEBSD:620685D6-0AA3-11EA-9673-4C72B94353B5
- GLSA-202003-34
- openSUSE-SU-2019:1963-1
- openSUSE-SU-2019:2540-1
- openSUSE-SU-2019:2672-1
- openSUSE-SU-2021:1520-1
- RHSA-2019:2593
- RHSA-2019:3476
- RHSA-2020:1068
- RHSA-2020:2040
- RHSA-2020:2041
- RHSA-2020:4743
- RLSA-2019:2593
- RLSA-2019:3476
- RLSA-2020:2041
- RLSA-2020:4743
- SUSE-SU-2019:2089-1
- SUSE-SU-2019:2089-2
- SUSE-SU-2019:2092-1
- SUSE-SU-2019:2975-1
- SUSE-SU-2019:3067-1
- SUSE-SU-2019:3180-1
- SUSE-SU-2019:3182-1
- SUSE-SU-2019:3183-1
- SUSE-SU-2020:0661-1
- SUSE-SU-2020:1163-1
- SUSE-SU-2021:2280-1
- USN-4059-1
- USN-4059-2
- USN-4065-1
- USN-4065-2
- USN-4213-1
- USN-4446-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/squid?arch=x86_64&distro=opensuse-leap-15.1 | opensuse | squid | < 4.9-lp151.2.7.1 | opensuse-leap-15.1 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |