Oval Definition:	oval:org.opensuse.security:def:4801
Revision Date: 2020-12-02 Version: 1 Title: Security update for squid (Important) Description: This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738). - CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326). - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329). - CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328). - CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323). - CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324). Other issues addressed: * Fixed DNS failures when peer name was configured with any upper case characters * Fixed several rock cache_dir corruption issues Family: unix Class: patch Status: Reference(s): 1051510 1054914 1055117 1061840 1065600 1065729 1071995 1082555 1100352 1104967 1109158 1111666 1113722 1114279 1117463 1117464 1117465 1119086 1123034 1127988 1129715 1130694 1131304 1133089 1133267 1135824 1137069 1137526 1137865 1137959 1137982 1140155 1140738 1141013 1141329 1141330 1141332 1141442 1142076 1142635 1146042 1146519 1146540 1146664 1148133 1148712 1148868 1149313 1149446 1149555 1149651 1150305 1150381 1150423 1150846 1151067 1151192 1151350 1151610 1151661 1151662 1151667 1151680 1151891 1151955 1152024 1152025 1152026 1152161 1152187 1152243 1152325 1152457 1152460 1152466 1152525 1152972 1152974 1152975 1154064 1156323 1156324 1156326 1156328 1156329 1162777 1163368 1168994 1172356 1173027 1173274 1173812 1174463 1174543 1174570 1176410 1177143 1177950 1178591 CVE-2009-0037 CVE-2009-2417 CVE-2011-1831 CVE-2011-1832 CVE-2011-1833 CVE-2011-1834 CVE-2011-1835 CVE-2011-1836 CVE-2011-1837 CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 CVE-2013-0249 CVE-2013-1944 CVE-2013-2174 CVE-2013-4545 CVE-2014-0015 CVE-2014-0138 CVE-2014-0139 CVE-2014-3613 CVE-2014-3620 CVE-2017-18595 CVE-2018-13301 CVE-2018-18511 CVE-2018-19490 CVE-2018-19491 CVE-2018-19492 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11694 CVE-2019-11698 CVE-2019-12523 CVE-2019-12525 CVE-2019-12526 CVE-2019-12527 CVE-2019-12529 CVE-2019-12730 CVE-2019-12854 CVE-2019-13345 CVE-2019-14821 CVE-2019-15291 CVE-2019-17542 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-3688 CVE-2019-5798 CVE-2019-7317 CVE-2019-9506 CVE-2019-9718 CVE-2019-9797 CVE-2019-9800 CVE-2019-9815 CVE-2019-9816 CVE-2019-9817 CVE-2019-9818 CVE-2019-9819 CVE-2019-9820 CVE-2020-10713 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-14422 CVE-2020-15706 CVE-2020-15707 CVE-2020-25219 CVE-2020-26154 CVE-2020-28368 CVE-2020-6792 CVE-2020-6793 CVE-2020-6794 CVE-2020-6795 CVE-2020-6797 CVE-2020-6798 CVE-2020-6800 CVE-2020-8177 SUSE-SU-2019:0904-1 SUSE-SU-2019:1458-1 SUSE-SU-2019:2710-1 SUSE-SU-2019:2975-1 SUSE-SU-2019:3184-1 SUSE-SU-2020:0385-1 SUSE-SU-2020:1773-1 SUSE-SU-2020:1920-1 SUSE-SU-2020:2073-1 SUSE-SU-2020:2159-1 SUSE-SU-2020:2901-1 SUSE-SU-2020:3416-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information bytefx-data-mysql-2.6.7-0.9.1 is installed OR ibm-data-db2-2.6.7-0.9.1 is installed OR mono-core-2.6.7-0.9.1 is installed OR mono-data-2.6.7-0.9.1 is installed OR mono-data-firebird-2.6.7-0.9.1 is installed OR mono-data-oracle-2.6.7-0.9.1 is installed OR mono-data-postgresql-2.6.7-0.9.1 is installed OR mono-data-sqlite-2.6.7-0.9.1 is installed OR mono-data-sybase-2.6.7-0.9.1 is installed OR mono-devel-2.6.7-0.9.1 is installed OR mono-extras-2.6.7-0.9.1 is installed OR mono-jscript-2.6.7-0.9.1 is installed OR mono-locale-extras-2.6.7-0.9.1 is installed OR mono-nunit-2.6.7-0.9.1 is installed OR mono-wcf-2.6.7-0.9.1 is installed OR mono-web-2.6.7-0.9.1 is installed OR mono-winforms-2.6.7-0.9.1 is installed OR monodoc-core-2.6.7-0.9.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagickCore-6_Q16-1-6.8.8.1-5 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-5 is installed OR libMagickWand-6_Q16-1-6.8.8.1-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information augeas-1.2.0-10 is installed OR augeas-lenses-1.2.0-10 is installed OR libaugeas0-1.2.0-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.40.15-4 is installed OR librsvg-2-2-2.40.15-4 is installed OR librsvg-2-2-32bit-2.40.15-4 is installed OR rsvg-view-2.40.15-4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 is installed AND Package Information ctdb-4.2.4-18.30.1 is installed OR samba-4.2.4-18.30.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-26.2 is installed OR samba-4.2.4-26.2 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.73-5 is installed OR dlm-kmp-default-4.4.73-5 is installed OR gfs2-kmp-default-4.4.73-5 is installed OR ocfs2-kmp-default-4.4.73-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP5 is installed AND libqb0-1.0.3+20171226.6d62b64-4.3 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information PackageKit-1.1.3-24.9 is installed OR PackageKit-backend-zypp-1.1.3-24.9 is installed OR PackageKit-lang-1.1.3-24.9 is installed OR libpackagekit-glib2-18-1.1.3-24.9 is installed OR typelib-1_0-PackageKitGlib-1_0-1.1.3-24.9 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_44-52_18-default-2-4.1 is installed OR kgraft-patch-3_12_44-52_18-xen-2-4.1 is installed OR kgraft-patch-SLE12_Update_7-2-4.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND squid-4.9-5.11 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.45-38.37 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.45-38.37 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND foomatic-filters-3.0.2-269.35.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND curl-7.19.7-1.46.1 is installed OR libcurl4-7.19.7-1.46.1 is installed OR libcurl4-32bit-7.19.7-1.46.1 is installed OR libcurl4-x86-7.19.7-1.46.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND curl-7.19.7-1.46.1 is installed OR libcurl4-7.19.7-1.46.1 is installed OR libcurl4-32bit-7.19.7-1.46.1 is installed OR libcurl4-x86-7.19.7-1.46.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.28.2 is installed OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information ImageMagick-6.8.8.1-8.2 is installed OR libMagickCore-6_Q16-1-6.8.8.1-8.2 is installed OR libMagickWand-6_Q16-1-6.8.8.1-8.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libpython2_7-1_0-2.7.9-20 is installed OR libpython2_7-1_0-32bit-2.7.9-20 is installed OR python-base-2.7.9-20 is installed OR python-base-32bit-2.7.9-20 is installed OR python-xml-2.7.9-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-28 is installed OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information libgudev-1_0-0-210-70.58.1 is installed OR libgudev-1_0-0-32bit-210-70.58.1 is installed OR libudev1-210-70.58.1 is installed OR libudev1-32bit-210-70.58.1 is installed OR systemd-210-70.58.1 is installed OR systemd-32bit-210-70.58.1 is installed OR systemd-bash-completion-210-70.58.1 is installed OR systemd-sysvinit-210-70.58.1 is installed OR udev-210-70.58.1 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information dovecot22-2.2.13-4 is installed OR dovecot22-backend-mysql-2.2.13-4 is installed OR dovecot22-backend-pgsql-2.2.13-4 is installed OR dovecot22-backend-sqlite-2.2.13-4 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information curl-7.60.0-3.29 is installed OR libcurl-devel-7.60.0-3.29 is installed OR libcurl4-7.60.0-3.29 is installed OR libcurl4-32bit-7.60.0-3.29 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND libpixman-1-0-devel-0.24.4-0.15.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information MozillaFirefox-38.7.0esr-37.3 is installed OR MozillaFirefox-devel-38.7.0esr-37.3 is installed OR mozilla-nspr-4.12-24.1 is installed OR mozilla-nspr-devel-4.12-24.1 is installed OR mozilla-nss-3.20.2-28.1 is installed OR mozilla-nss-devel-3.20.2-28.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND libXtst-devel-1.2.2-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND cifs-utils-devel-6.4-6 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-33 is installed OR ImageMagick-devel-6.8.8.1-33 is installed OR libMagick++-6_Q16-3-6.8.8.1-33 is installed OR libMagick++-devel-6.8.8.1-33 is installed OR perl-PerlMagick-6.8.8.1-33 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information ffmpeg-3.4.2-4.27 is installed OR libavcodec-devel-3.4.2-4.27 is installed OR libavformat-devel-3.4.2-4.27 is installed OR libavformat57-3.4.2-4.27 is installed OR libavresample-devel-3.4.2-4.27 is installed OR libavresample3-3.4.2-4.27 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-60.7.0-3.33 is installed OR MozillaThunderbird-translations-common-60.7.0-3.33 is installed OR MozillaThunderbird-translations-other-60.7.0-3.33 is installed
BACK