Oval Definition:oval:com.redhat.rhsa:def:20162600
Revision Date:2016-11-03Version:642
Title:RHSA-2016:2600: squid security, bug fix, and enhancement update (Moderate)
Description:Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

  • The following packages have been upgraded to a newer upstream version: squid (3.5.20). (BZ#1273942, BZ#1349775)

    Security Fix(es):

  • Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2569, CVE-2016-2570)

  • It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-2571, CVE-2016-2572)

  • An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. (CVE-2016-3948)

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2016-2569
    CVE-2016-2570
    CVE-2016-2571
    CVE-2016-2572
    CVE-2016-3948
    RHSA-2016:2600
    RHSA-2016:2600-01
    RHSA-2016:2600-02
    RHSA-2016:2600-02
    Platform(s):Red Hat Enterprise Linux 7
    Red Hat Enterprise Linux 7 (please do not use for >= RHEL-7.5)
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • squid is earlier than 7:3.5.20-2.el7
  • AND squid is signed with Red Hat redhatrelease2 key
  • squid-migration-script is earlier than 7:3.5.20-2.el7
  • AND squid-migration-script is signed with Red Hat redhatrelease2 key
  • squid-sysvinit is earlier than 7:3.5.20-2.el7
  • AND squid-sysvinit is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 7 Client is installed
  • OR Red Hat Enterprise Linux 7 Server is installed
  • OR Red Hat Enterprise Linux 7 Workstation is installed
  • OR Red Hat Enterprise Linux 7 ComputeNode is installed
  • AND Package Information
  • squid-sysvinit is earlier than 7:3.5.20-2.el7
  • AND squid-sysvinit is signed with Red Hat redhatrelease2 key
  • OR
  • squid-migration-script is earlier than 7:3.5.20-2.el7
  • AND squid-migration-script is signed with Red Hat redhatrelease2 key
  • OR
  • squid is earlier than 7:3.5.20-2.el7
  • AND squid is signed with Red Hat redhatrelease2 key
    • BACK