Oval Definition:oval:org.opensuse.security:def:58673
Revision Date:2020-12-01Version:1
Title:Security update for squid (Moderate)
Description:



This update for squid fixes the following issues:

- CVE-2016-10003: Prevent incorrect forwarding of cached private responses when Collapsed Forwarding feature is enabled. This allowed remote attacker (proxy user) to discover private and sensitive information about another user (bsc#1016169). - CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached (bsc#1016168). - CVE-2014-9749: Prevent nonce replay in Digest authentication, preventing the reuse of stale auth tokens (bsc#949942).
Family:unixClass:patch
Status:Reference(s):1002981
1005023
1010735
1010740
1010752
1010754
1010911
1016168
1016169
1021739
1025913
1026507
1027692
1027998
1033936
1033937
1033938
1033939
1033940
1033941
1033942
1033943
1033944
1033945
1076696
1081741
1083630
1085449
1088268
1090036
1093311
1096449
1096723
1097356
1101591
1102682
1103411
1105323
1106191
1114981
1115518
1119971
1120323
1120374
1122983
1145559
1172515
1176315
949942
990856
998761
998762
998763
998800
998963
998964
CVE-2010-4000
CVE-2013-2186
CVE-2014-0050
CVE-2014-9749
CVE-2015-0254
CVE-2016-10002
CVE-2016-10003
CVE-2016-6354
CVE-2016-7175
CVE-2016-7176
CVE-2016-7177
CVE-2016-7178
CVE-2016-7179
CVE-2016-7180
CVE-2016-9373
CVE-2016-9374
CVE-2016-9375
CVE-2016-9376
CVE-2017-0861
CVE-2017-12627
CVE-2017-5596
CVE-2017-5597
CVE-2017-6014
CVE-2017-7700
CVE-2017-7701
CVE-2017-7702
CVE-2017-7703
CVE-2017-7704
CVE-2017-7705
CVE-2017-7745
CVE-2017-7746
CVE-2017-7747
CVE-2017-7748
CVE-2018-1000026
CVE-2018-1000199
CVE-2018-1050
CVE-2018-10858
CVE-2018-10902
CVE-2018-10938
CVE-2018-1417
CVE-2018-16864
CVE-2018-16865
CVE-2018-16866
CVE-2018-18500
CVE-2018-18501
CVE-2018-18505
CVE-2018-2783
CVE-2018-2790
CVE-2018-2794
CVE-2018-2795
CVE-2018-2796
CVE-2018-2797
CVE-2018-2798
CVE-2018-2799
CVE-2018-2800
CVE-2018-2814
CVE-2018-2825
CVE-2018-2826
CVE-2018-5390
CVE-2018-5848
CVE-2018-6126
CVE-2019-11500
CVE-2020-17507
SUSE-SU-2017:0128-1
SUSE-SU-2017:1442-1
SUSE-SU-2018:1253-1
SUSE-SU-2018:1738-2
SUSE-SU-2018:1783-1
SUSE-SU-2018:2339-1
SUSE-SU-2019:0336-1
SUSE-SU-2019:2454-1
SUSE-SU-2020:2760-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • accountsservice-0.6.45-lp150.2 is installed
  • OR accountsservice-lang-0.6.45-lp150.2 is installed
  • OR libaccountsservice0-0.6.45-lp150.2 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.45-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • python-numpy-1.16.1-lp151.5.3 is installed
  • OR python-numpy_1_16_1-gnu-hpc-1.16.1-lp151.5.3 is installed
  • OR python2-numpy-1.16.1-lp151.5.3 is installed
  • OR python2-numpy-devel-1.16.1-lp151.5.3 is installed
  • OR python2-numpy-gnu-hpc-1.16.1-lp151.5.3 is installed
  • OR python2-numpy-gnu-hpc-devel-1.16.1-lp151.5.3 is installed
  • OR python2-numpy_1_16_1-gnu-hpc-1.16.1-lp151.5.3 is installed
  • OR python2-numpy_1_16_1-gnu-hpc-devel-1.16.1-lp151.5.3 is installed
  • OR python3-numpy-1.16.1-lp151.5.3 is installed
  • OR python3-numpy-devel-1.16.1-lp151.5.3 is installed
  • OR python3-numpy-gnu-hpc-1.16.1-lp151.5.3 is installed
  • OR python3-numpy-gnu-hpc-devel-1.16.1-lp151.5.3 is installed
  • OR python3-numpy_1_16_1-gnu-hpc-1.16.1-lp151.5.3 is installed
  • OR python3-numpy_1_16_1-gnu-hpc-devel-1.16.1-lp151.5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND squid-3.5.21-25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libsystemd0-228-150.58 is installed
  • OR libsystemd0-32bit-228-150.58 is installed
  • OR libudev1-228-150.58 is installed
  • OR libudev1-32bit-228-150.58 is installed
  • OR systemd-228-150.58 is installed
  • OR systemd-32bit-228-150.58 is installed
  • OR systemd-bash-completion-228-150.58 is installed
  • OR systemd-sysvinit-228-150.58 is installed
  • OR udev-228-150.58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • MozillaFirefox-52.8.1esr-109.34 is installed
  • OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
  • OR MozillaFirefox-translations-52.8.1esr-109.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gnome-shell-3.20.4-76 is installed
  • OR gnome-shell-browser-plugin-3.20.4-76 is installed
  • OR gnome-shell-lang-3.20.4-76 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-109.95 is installed
  • OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_103-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND gdb-8.3.1-2.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND libwavpack1-4.60.99-5.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • kernel-default-4.4.180-94.103 is installed
  • OR kernel-default-base-4.4.180-94.103 is installed
  • OR kernel-default-devel-4.4.180-94.103 is installed
  • OR kernel-devel-4.4.180-94.103 is installed
  • OR kernel-macros-4.4.180-94.103 is installed
  • OR kernel-source-4.4.180-94.103 is installed
  • OR kernel-syms-4.4.180-94.103 is installed
  • OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • BACK