[RHSA-2016:2600] squid security, bug fix, and enhancement update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
The following packages have been upgraded to a newer upstream version: squid (3.5.20). (BZ#1273942, BZ#1349775)
Security Fix(es):
Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)
It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)
An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-3948)
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
- ID: RHSA-2016:2600
- Severity: moderate
- URL: https://access.redhat.com/errata/RHSA-2016:2600
- Published: 2016-11-03T00:00:00
- Modified: 2016-11-03T00:00:00
- Rights: Copyright 2016 Red Hat, Inc.

Other Advisories
Source | ID | URL |
---|---|---|
Bugzilla | 1312257 | https://bugzilla.redhat.com/1312257 |
Bugzilla | 1312262 | https://bugzilla.redhat.com/1312262 |
Bugzilla | 1323594 | https://bugzilla.redhat.com/1323594 |
RHSA | RHSA-2016:2600 | https://access.redhat.com/errata/RHSA-2016:2600 |
CVE | CVE-2016-2569 | https://access.redhat.com/security/cve/CVE-2016-2569 |
CVE | CVE-2016-2570 | https://access.redhat.com/security/cve/CVE-2016-2570 |
CVE | CVE-2016-2571 | https://access.redhat.com/security/cve/CVE-2016-2571 |
CVE | CVE-2016-2572 | https://access.redhat.com/security/cve/CVE-2016-2572 |
CVE | CVE-2016-3948 | https://access.redhat.com/security/cve/CVE-2016-3948 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/squid?arch=x86_64&distro=redhat-7 | redhat | squid | < 3.5.20-2.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/squid?arch=s390x&distro=redhat-7 | redhat | squid | < 3.5.20-2.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/squid?arch=ppc64le&distro=redhat-7 | redhat | squid | < 3.5.20-2.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/squid?arch=ppc64&distro=redhat-7 | redhat | squid | < 3.5.20-2.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/squid?arch=aarch64&distro=redhat-7 | redhat | squid | < 3.5.20-2.el7 | redhat-7 | aarch64 | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=x86_64&distro=redhat-7 | redhat | squid-sysvinit | < 3.5.20-2.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=s390x&distro=redhat-7 | redhat | squid-sysvinit | < 3.5.20-2.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=ppc64le&distro=redhat-7 | redhat | squid-sysvinit | < 3.5.20-2.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=ppc64&distro=redhat-7 | redhat | squid-sysvinit | < 3.5.20-2.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/squid-sysvinit?arch=aarch64&distro=redhat-7 | redhat | squid-sysvinit | < 3.5.20-2.el7 | redhat-7 | aarch64 | |
Affected | pkg:rpm/redhat/squid-migration-script?arch=x86_64&distro=redhat-7 | redhat | squid-migration-script | < 3.5.20-2.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/squid-migration-script?arch=s390x&distro=redhat-7 | redhat | squid-migration-script | < 3.5.20-2.el7 | redhat-7 | s390x | |
Affected | pkg:rpm/redhat/squid-migration-script?arch=ppc64le&distro=redhat-7 | redhat | squid-migration-script | < 3.5.20-2.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/squid-migration-script?arch=ppc64&distro=redhat-7 | redhat | squid-migration-script | < 3.5.20-2.el7 | redhat-7 | ppc64 | |
Affected | pkg:rpm/redhat/squid-migration-script?arch=aarch64&distro=redhat-7 | redhat | squid-migration-script | < 3.5.20-2.el7 | redhat-7 | aarch64 |