Oval Definition:	oval:org.opensuse.security:def:58401
Revision Date: 2020-12-01 Version: 1 Title: Security update for squid (Important) Description: This update for squid fixes the following issues: - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway (bsc#1162689). - CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326). - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329). - CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328). - CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323). - CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324). - CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy (bsc#1162687). - CVE-2020-8450: Fixed a buffer overflow when squid is acting as reverse-proxy (bsc#1162687). - CVE-2020-8517: Fixed a buffer overflow in ext_lm_group_acl when processing NTLM Authentication credentials (bsc#1162691). Family: unix Class: patch Status: Reference(s): 1007188 1009745 1010977 1010979 1011830 1012530 1015993 1031756 1033236 1038132 1038984 1043218 1045340 1045735 1047785 1048315 1056088 1056090 1056093 1056095 1056097 1056101 1056105 1083125 1086825 1087082 1087083 1089343 1090368 1090646 1090869 1091236 1092098 1104134 1106171 1106172 1106173 1106195 1107410 1107411 1107412 1107413 1107420 1107421 1107422 1107423 1107426 1107581 1108027 1109105 1109412 1109413 1109414 1111996 1112534 1112535 1113247 1113252 1113255 1116827 1118830 1118831 1119947 1120640 1121034 1121035 1121056 1122292 1122293 1122299 1124729 1124734 1128158 1128378 1128471 1128472 1128474 1128476 1128480 1128481 1128490 1128492 1128493 1133131 1133232 1141913 1142772 1156323 1156324 1156326 1156328 1156329 1162687 1162689 1162691 1173160 1174120 913058 CVE-2016-6321 CVE-2016-8654 CVE-2016-9395 CVE-2016-9398 CVE-2016-9560 CVE-2016-9591 CVE-2017-1000364 CVE-2017-13738 CVE-2017-13739 CVE-2017-13740 CVE-2017-13741 CVE-2017-13743 CVE-2017-13744 CVE-2017-7435 CVE-2017-7436 CVE-2017-9269 CVE-2018-1000301 CVE-2018-1000876 CVE-2018-1087 CVE-2018-11212 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16509 CVE-2018-16510 CVE-2018-16511 CVE-2018-16513 CVE-2018-16539 CVE-2018-16540 CVE-2018-16541 CVE-2018-16542 CVE-2018-16543 CVE-2018-16585 CVE-2018-16802 CVE-2018-16884 CVE-2018-17183 CVE-2018-17358 CVE-2018-17359 CVE-2018-17360 CVE-2018-17985 CVE-2018-18309 CVE-2018-18483 CVE-2018-18484 CVE-2018-18605 CVE-2018-18606 CVE-2018-18607 CVE-2018-1890 CVE-2018-19931 CVE-2018-19932 CVE-2018-20623 CVE-2018-20651 CVE-2018-20671 CVE-2018-3639 CVE-2018-3640 CVE-2018-3646 CVE-2018-8781 CVE-2018-8897 CVE-2019-1010180 CVE-2019-12523 CVE-2019-12526 CVE-2019-12528 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-2422 CVE-2019-2449 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 CVE-2020-10745 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 SUSE-SU-2016:2896-1 SUSE-SU-2017:0084-1 SUSE-SU-2017:1707-1 SUSE-SU-2017:2040-1 SUSE-SU-2017:2570-1 SUSE-SU-2018:1523-1 SUSE-SU-2018:2331-2 SUSE-SU-2018:2975-1 SUSE-SU-2019:0617-1 SUSE-SU-2019:2650-1 SUSE-SU-2020:0661-1 SUSE-SU-2020:2312-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information apache2-mod_php7-7.2.5-lp150.1 is installed OR php7-7.2.5-lp150.1 is installed OR php7-ctype-7.2.5-lp150.1 is installed OR php7-dom-7.2.5-lp150.1 is installed OR php7-iconv-7.2.5-lp150.1 is installed OR php7-json-7.2.5-lp150.1 is installed OR php7-mysql-7.2.5-lp150.1 is installed OR php7-pdo-7.2.5-lp150.1 is installed OR php7-pgsql-7.2.5-lp150.1 is installed OR php7-sqlite-7.2.5-lp150.1 is installed OR php7-tokenizer-7.2.5-lp150.1 is installed OR php7-xmlreader-7.2.5-lp150.1 is installed OR php7-xmlwriter-7.2.5-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libruby2_5-2_5-2.5.5-lp151.4.3 is installed OR ruby-bundled-gems-rpmhelper-0.0.2-lp151.2 is installed OR ruby2.5-2.5.5-lp151.4.3 is installed OR ruby2.5-devel-2.5.5-lp151.4.3 is installed OR ruby2.5-devel-extra-2.5.5-lp151.4.3 is installed OR ruby2.5-doc-2.5.5-lp151.4.3 is installed OR ruby2.5-doc-ri-2.5.5-lp151.4.3 is installed OR ruby2.5-stdlib-2.5.5-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information kernel-default-4.4.59-92.24 is installed OR kernel-default-base-4.4.59-92.24 is installed OR kernel-default-devel-4.4.59-92.24 is installed OR kernel-default-man-4.4.59-92.24 is installed OR kernel-devel-4.4.59-92.24 is installed OR kernel-macros-4.4.59-92.24 is installed OR kernel-source-4.4.59-92.24 is installed OR kernel-syms-4.4.59-92.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20180807-13.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information curl-7.37.0-37.23 is installed OR libcurl4-7.37.0-37.23 is installed OR libcurl4-32bit-7.37.0-37.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND davfs2-1.5.2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND squid-3.5.21-26.20 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
BACK