Oval Definition:	oval:com.ubuntu.artful:def:20162570000
Revision Date: 2016-02-27 Version: 1 Title: CVE-2016-2570 on Ubuntu 17.10 (artful) - low. Description: The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.h. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-2570 Platform(s): Ubuntu 17.10 Product(s): Definition Synopsis Ubuntu 17.10 (artful) is installed. AND NOT While related to the CVE in some way, the 'squid3' package in artful is not affected (note: '3.5.23-5ubuntu1').
BACK