Oval Definition:oval:com.redhat.rhsa:def:20170183
Revision Date:2017-01-24Version:637
Title:RHSA-2017:0183: squid34 security update (Moderate)
Description:The squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

  • It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)
  • Family:unixClass:patch
    Status:Reference(s):CVE-2016-10002
    RHSA-2017:0183
    RHSA-2017:0183-00
    RHSA-2017:0183-01
    RHSA-2017:0183-01
    Platform(s):Red Hat Enterprise Linux 6
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND squid34 is earlier than 7:3.4.14-9.el6_8.4
  • AND squid34 is signed with Red Hat redhatrelease2 key
  • BACK