Oval Definition:	oval:org.opensuse.security:def:53232
Revision Date: 2020-12-01 Version: 1 Title: Security update for squid (Important) Description: This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738). - CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326). - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329). - CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328). - CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323). - CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324). Other issues addressed: * Fixed DNS failures when peer name was configured with any upper case characters * Fixed several rock cache_dir corruption issues Family: unix Class: patch Status: Reference(s): 1009434 1011377 1011390 1011395 1011398 1011404 1011406 1011411 1011417 1019649 1021803 1024989 1025029 1025035 1025084 1025985 1032509 1039042 1044337 1133089 1140738 1141329 1141330 1141332 1141442 1156323 1156324 1156326 1156328 1156329 1171477 905959 916897 916914 943216 956365 968565 971964 976944 981252 988028 992038 992606 CVE-2008-3825 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2009-1384 CVE-2009-3297 CVE-2011-0020 CVE-2011-0064 CVE-2011-0541 CVE-2011-1946 CVE-2012-5134 CVE-2014-0107 CVE-2015-1545 CVE-2015-1546 CVE-2015-3202 CVE-2015-5219 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2523 CVE-2016-2530 CVE-2016-2531 CVE-2016-2532 CVE-2016-2851 CVE-2016-3190 CVE-2016-3627 CVE-2016-3705 CVE-2016-4483 CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-9310 CVE-2016-9311 CVE-2017-0663 CVE-2017-15631 CVE-2017-2624 CVE-2017-5969 CVE-2019-12523 CVE-2019-12525 CVE-2019-12526 CVE-2019-12527 CVE-2019-12529 CVE-2019-12854 CVE-2019-13345 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-3688 CVE-2020-10722 CVE-2020-10723 CVE-2020-10724 CVE-2020-10725 CVE-2020-10726 SUSE-SU-2015:1077-1 SUSE-SU-2016:1100-1 SUSE-SU-2016:1344-1 SUSE-SU-2016:3195-1 SUSE-SU-2017:1670-1 SUSE-SU-2017:1675-1 SUSE-SU-2019:2975-1 SUSE-SU-2020:1335-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information dbus-1-glib-0.108-lp150.1 is installed OR dbus-1-glib-tool-0.108-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information containerd-1.2.5-lp151.2.3 is installed OR containerd-ctr-1.2.5-lp151.2.3 is installed OR containerd-test-1.2.5-lp151.2.3 is installed OR docker-18.09.6_ce-lp151.2.3 is installed OR docker-bash-completion-18.09.6_ce-lp151.2.3 is installed OR docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3 is installed OR docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3 is installed OR docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3 is installed OR docker-test-18.09.6_ce-lp151.2.3 is installed OR docker-zsh-completion-18.09.6_ce-lp151.2.3 is installed OR go-1.12-lp151.2.3 is installed OR go-doc-1.12-lp151.2.3 is installed OR go-race-1.12-lp151.2.3 is installed OR go1.11-1.11.9-lp151.2.3 is installed OR go1.11-doc-1.11.9-lp151.2.3 is installed OR go1.11-race-1.11.9-lp151.2.3 is installed OR go1.12-1.12.4-lp151.2.3 is installed OR go1.12-doc-1.12.4-lp151.2.3 is installed OR go1.12-race-1.12.4-lp151.2.3 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information Mesa-7.11.2-0.9 is installed OR Mesa-32bit-7.11.2-0.9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information compat-wireless-kmp-default-3.13_3.0.101_0.31-0.9 is installed OR compat-wireless-kmp-pae-3.13_3.0.101_0.31-0.9 is installed OR compat-wireless-kmp-xen-3.13_3.0.101_0.31-0.9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information augeas-0.9.0-3.17 is installed OR libaugeas0-0.9.0-3.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libldap-2_4-2-2.4.39-16 is installed OR libldap-2_4-2-32bit-2.4.39-16 is installed OR openldap2-client-2.4.39-16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND wireshark-1.12.11-25 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND libotr5-4.0.0-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information fuse-2.9.3-5 is installed OR libfuse2-2.9.3-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libpango-1_0-0-1.40.1-9 is installed OR libpango-1_0-0-32bit-1.40.1-9 is installed OR typelib-1_0-Pango-1_0-1.40.1-9 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND squid-4.9-5.11 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information dpdk-18.11.3-4.6 is installed OR dpdk-devel-18.11.3-4.6 is installed OR dpdk-kmp-default-18.11.3_k4.12.14_197.40-4.6 is installed OR dpdk-tools-18.11.3-4.6 is installed OR libdpdk-18_11-18.11.3-4.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information ecryptfs-utils-103-5 is installed OR ecryptfs-utils-32bit-103-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libxml2-2.9.1-26.15 is installed OR libxml2-2-2.9.1-26.15 is installed OR libxml2-2-32bit-2.9.1-26.15 is installed OR libxml2-doc-2.9.1-26.15 is installed OR libxml2-tools-2.9.1-26.15 is installed OR python-libxml2-2.9.1-26.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libX11-6-1.6.2-4 is installed OR libX11-6-32bit-1.6.2-4 is installed OR libX11-data-1.6.2-4 is installed OR libX11-xcb1-1.6.2-4 is installed OR libX11-xcb1-32bit-1.6.2-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libpython2_7-1_0-2.7.13-28.26 is installed OR libpython2_7-1_0-32bit-2.7.13-28.26 is installed OR python-2.7.13-28.26 is installed OR python-32bit-2.7.13-28.26 is installed OR python-base-2.7.13-28.26 is installed OR python-base-32bit-2.7.13-28.26 is installed OR python-curses-2.7.13-28.26 is installed OR python-demo-2.7.13-28.26 is installed OR python-doc-2.7.13-28.26 is installed OR python-doc-pdf-2.7.13-28.26 is installed OR python-gdbm-2.7.13-28.26 is installed OR python-idle-2.7.13-28.26 is installed OR python-tk-2.7.13-28.26 is installed OR python-xml-2.7.13-28.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20191112-13.53 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_155-94_50-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_17-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information gnutls-3.3.27-3.3 is installed OR libgnutls-openssl27-3.3.27-3.3 is installed OR libgnutls28-3.3.27-3.3 is installed OR libgnutls28-32bit-3.3.27-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information libecpg6-9.6.4-3.6 is installed OR libpq5-9.6.4-3.6 is installed OR libpq5-32bit-9.6.4-3.6 is installed OR postgresql96-9.6.4-3.6 is installed OR postgresql96-contrib-9.6.4-3.6 is installed OR postgresql96-docs-9.6.4-3.6 is installed OR postgresql96-libs-9.6.4-3.6 is installed OR postgresql96-server-9.6.4-3.6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openstack-magnum-3.1.2~a0~dev20-9 is installed OR openstack-magnum-api-3.1.2~a0~dev20-9 is installed OR openstack-magnum-conductor-3.1.2~a0~dev20-9 is installed OR openstack-magnum-doc-3.1.2~a0~dev20-9 is installed OR python-magnum-3.1.2~a0~dev20-9 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND haproxy-1.6.11-11.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed
BACK