| Revision Date: | 2020-12-01 | Version: | 1 |
| Title: | Security update for squid (Important) |
| Description: |
This update for squid fixes the following issues:
- CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (bsc#1169659). - CVE-2020-11945: fixes a potential remote execution vulnerability when using HTTP Digest Authentication (bsc#1170313). - CVE-2019-12520, CVE-2019-12524: fixes a potential ACL bypass, cache-bypass and cross-site scripting attack when processing invalid HTTP Request messages (bsc#1170423).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1019016
1038231
1042910
1046607
1053352
1059554
1065237
1086774
1086775
1086813
1086814
1086817
1086820
1090671
1099658
1106284
1106383
1110785
1113769
1118595
1118596
1119183
1120843
1120885
1121816
1121821
1128829
1128963
1131543
1131565
1131709
1132374
1132472
1133495
1134537
1134596
1134848
1135281
1135603
1136424
1136446
1136586
1136935
1137586
1139459
1151377
1151506
1153108
1154043
1154609
1155574
1156321
1156331
1156482
1157770
1159814
1160398
1162108
1167231
1167976
1169511
1169659
1170313
1170423
1173576
1173613
1173986
1174420
1176756
1178512
977410
CVE-2016-1000031
CVE-2017-12617
CVE-2017-15710
CVE-2017-15715
CVE-2017-5664
CVE-2017-7494
CVE-2017-7526
CVE-2017-7674
CVE-2018-1283
CVE-2018-1301
CVE-2018-1302
CVE-2018-1303
CVE-2018-1312
CVE-2018-15518
CVE-2018-17972
CVE-2018-19873
CVE-2018-20856
CVE-2018-7191
CVE-2019-10220
CVE-2019-11190
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
CVE-2019-11815
CVE-2019-11833
CVE-2019-11884
CVE-2019-12382
CVE-2019-12519
CVE-2019-12520
CVE-2019-12521
CVE-2019-12524
CVE-2019-13272
CVE-2019-18197
CVE-2019-3846
CVE-2019-5489
CVE-2019-6109
CVE-2019-6111
CVE-2020-11945
CVE-2020-12402
CVE-2020-12415
CVE-2020-12416
CVE-2020-12417
CVE-2020-12418
CVE-2020-12419
CVE-2020-12420
CVE-2020-12421
CVE-2020-12422
CVE-2020-12423
CVE-2020-12424
CVE-2020-12425
CVE-2020-12426
CVE-2020-15673
CVE-2020-15676
CVE-2020-15677
CVE-2020-15678
CVE-2020-1712
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2773
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-28196
CVE-2020-2830
SUSE-SU-2017:1392-1
SUSE-SU-2017:1794-1
SUSE-SU-2017:3039-1
SUSE-SU-2018:1161-1
SUSE-SU-2018:4183-1
SUSE-SU-2020:0331-1
SUSE-SU-2020:0920-2
SUSE-SU-2020:1227-1
SUSE-SU-2020:1686-1
SUSE-SU-2020:1899-1
SUSE-SU-2020:2759-1
SUSE-SU-2020:3379-1
|
| Platform(s): | openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.0 is installed AND chromium-66.0.3359.170-lp150.1 is installed
|
| Definition Synopsis |
| openSUSE Leap 15.1 is installed
AND Package Information
kernel-debug-4.12.14-lp151.28.4 is installed
OR kernel-debug-base-4.12.14-lp151.28.4 is installed
OR kernel-debug-devel-4.12.14-lp151.28.4 is installed
OR kernel-default-4.12.14-lp151.28.4 is installed
OR kernel-default-base-4.12.14-lp151.28.4 is installed
OR kernel-default-devel-4.12.14-lp151.28.4 is installed
OR kernel-devel-4.12.14-lp151.28.4 is installed
OR kernel-docs-4.12.14-lp151.28.4 is installed
OR kernel-docs-html-4.12.14-lp151.28.4 is installed
OR kernel-kvmsmall-4.12.14-lp151.28.4 is installed
OR kernel-kvmsmall-base-4.12.14-lp151.28.4 is installed
OR kernel-kvmsmall-devel-4.12.14-lp151.28.4 is installed
OR kernel-macros-4.12.14-lp151.28.4 is installed
OR kernel-obs-build-4.12.14-lp151.28.4 is installed
OR kernel-obs-qa-4.12.14-lp151.28.4 is installed
OR kernel-source-4.12.14-lp151.28.4 is installed
OR kernel-source-vanilla-4.12.14-lp151.28.4 is installed
OR kernel-syms-4.12.14-lp151.28.4 is installed
OR kernel-vanilla-4.12.14-lp151.28.4 is installed
OR kernel-vanilla-base-4.12.14-lp151.28.4 is installed
OR kernel-vanilla-devel-4.12.14-lp151.28.4 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
libgcrypt-1.6.1-16.42 is installed
OR libgcrypt20-1.6.1-16.42 is installed
OR libgcrypt20-32bit-1.6.1-16.42 is installed
OR libgcrypt20-hmac-1.6.1-16.42 is installed
OR libgcrypt20-hmac-32bit-1.6.1-16.42 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
libQt5Concurrent5-5.6.1-17.6 is installed
OR libQt5Core5-5.6.1-17.6 is installed
OR libQt5DBus5-5.6.1-17.6 is installed
OR libQt5Gui5-5.6.1-17.6 is installed
OR libQt5Network5-5.6.1-17.6 is installed
OR libQt5OpenGL5-5.6.1-17.6 is installed
OR libQt5PrintSupport5-5.6.1-17.6 is installed
OR libQt5Sql5-5.6.1-17.6 is installed
OR libQt5Sql5-mysql-5.6.1-17.6 is installed
OR libQt5Sql5-postgresql-5.6.1-17.6 is installed
OR libQt5Sql5-sqlite-5.6.1-17.6 is installed
OR libQt5Sql5-unixODBC-5.6.1-17.6 is installed
OR libQt5Test5-5.6.1-17.6 is installed
OR libQt5Widgets5-5.6.1-17.6 is installed
OR libQt5Xml5-5.6.1-17.6 is installed
OR libqt5-qtbase-5.6.1-17.6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
jakarta-commons-fileupload-1.1.1-122.3 is installed
OR jakarta-commons-fileupload-javadoc-1.1.1-122.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
apache2-2.4.23-29.18 is installed
OR apache2-doc-2.4.23-29.18 is installed
OR apache2-example-pages-2.4.23-29.18 is installed
OR apache2-prefork-2.4.23-29.18 is installed
OR apache2-utils-2.4.23-29.18 is installed
OR apache2-worker-2.4.23-29.18 is installed
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise Server 12 SP3 is installed
AND
libssh2-1-1.4.3-20.9 is installed
OR libssh2-1-32bit-1.4.3-20.9 is installed
OR libssh2_org-1.4.3-20.9 is installed
OR Package Information
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND
libssh2-1-1.4.3-20.9 is installed
OR libssh2-1-32bit-1.4.3-20.9 is installed
OR libssh2_org-1.4.3-20.9 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3 is installed
AND apache2-mod_jk-1.2.40-5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
libseccomp-2.4.1-11.3 is installed
OR libseccomp2-2.4.1-11.3 is installed
OR libseccomp2-32bit-2.4.1-11.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
perl-5.18.2-12.23 is installed
OR perl-32bit-5.18.2-12.23 is installed
OR perl-base-5.18.2-12.23 is installed
OR perl-doc-5.18.2-12.23 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
kgraft-patch-4_4_180-94_97-default-3-2 is installed
OR kgraft-patch-SLE12-SP3_Update_26-3-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND libcares2-1.9.1-9.4 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP4 is installed
AND libass5-0.10.2-3 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 7 is installed
AND squid-3.5.21-26.23 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 8 is installed
AND binutils-2.32-9.33 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
ruby2.1-rubygem-rack-1.6.11-3.3 is installed
OR rubygem-rack-1.6.11-3.3 is installed
|