1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-4065-2

[USN-4065-2] Squid vulnerabilities

Severity Critical
Affected Packages 6
CVEs 2
Info Packages Vulnerabilities

Several security issues were fixed in Squid.

USN-4065-1 fixed several vulnerabilities in Squid. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that Squid incorrectly handled Digest authentication. A
remote attacker could possibly use this issue to cause Squid to crash,
resulting in a denial of service. (CVE-2019-12525)

It was discovered that Squid incorrectly handled Basic authentication. A
remote attacker could possibly use this issue to cause Squid to crash,
resulting in a denial of service. (CVE-2019-12529)

Package Affected Version
pkg:deb/ubuntu/squidclient?distro=precise < 3.1.19-1ubuntu3.12.04.10
pkg:deb/ubuntu/squid?distro=precise < 3.1.19-1ubuntu3.12.04.10
pkg:deb/ubuntu/squid3?distro=precise < 3.1.19-1ubuntu3.12.04.10
pkg:deb/ubuntu/squid3-common?distro=precise < 3.1.19-1ubuntu3.12.04.10
pkg:deb/ubuntu/squid-common?distro=precise < 3.1.19-1ubuntu3.12.04.10
pkg:deb/ubuntu/squid-cgi?distro=precise < 3.1.19-1ubuntu3.12.04.10
ID
USN-4065-2
Severity
critical
Severity from
CVE-2019-12525
URL
https://ubuntu.com/security/notices/USN-4065-2
Published
2019-07-22T14:46:48
(5 years ago)
Modified
2019-07-22T14:46:48
(5 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/squidclient?distro=precise ubuntu squidclient < 3.1.19-1ubuntu3.12.04.10 precise
Affected pkg:deb/ubuntu/squid?distro=precise ubuntu squid < 3.1.19-1ubuntu3.12.04.10 precise
Affected pkg:deb/ubuntu/squid3?distro=precise ubuntu squid3 < 3.1.19-1ubuntu3.12.04.10 precise
Affected pkg:deb/ubuntu/squid3-common?distro=precise ubuntu squid3-common < 3.1.19-1ubuntu3.12.04.10 precise
Affected pkg:deb/ubuntu/squid-common?distro=precise ubuntu squid-common < 3.1.19-1ubuntu3.12.04.10 precise
Affected pkg:deb/ubuntu/squid-cgi?distro=precise ubuntu squid-cgi < 3.1.19-1ubuntu3.12.04.10 precise
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date