Oval Definition:	oval:org.opensuse.security:def:59214
Revision Date: 2020-12-01 Version: 1 Title: Security update for squid (Important) Description: This update for squid fixes the following issues: - CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (bsc#1169659). - CVE-2020-11945: fixes a potential remote execution vulnerability when using HTTP Digest Authentication (bsc#1170313). - CVE-2019-12520, CVE-2019-12524: fixes a potential ACL bypass, cache-bypass and cross-site scripting attack when processing invalid HTTP Request messages (bsc#1170423). Family: unix Class: patch Status: Reference(s): 1027282 1041090 1042670 1073269 1073748 1078326 1078485 1081750 1084650 1086001 1102840 1104076 1111056 1120644 1122191 1135715 1137825 1148931 1149792 1150003 1150011 1150250 1153830 1155094 1159035 1160039 1160968 1162224 1162367 1162825 1162972 1165894 1167231 1169659 1170313 1170411 1170423 1170601 1171561 1171863 1171864 1171866 1173576 1173613 1174922 1174923 1175664 1175665 1175671 1176012 1176072 1176382 1176896 1176931 945401 CVE-2011-4349 CVE-2016-2399 CVE-2018-12472 CVE-2018-20406 CVE-2019-12387 CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12524 CVE-2019-14822 CVE-2019-1547 CVE-2019-1563 CVE-2019-18348 CVE-2019-4732 CVE-2019-5010 CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-9674 CVE-2020-0429 CVE-2020-0431 CVE-2020-10543 CVE-2020-10878 CVE-2020-11945 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-12673 CVE-2020-12674 CVE-2020-12723 CVE-2020-14381 CVE-2020-14386 CVE-2020-15810 CVE-2020-15811 CVE-2020-24606 CVE-2020-25212 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 CVE-2020-8492 SUSE-SU-2018:3467-1 SUSE-SU-2019:2066-1 SUSE-SU-2019:2345-2 SUSE-SU-2019:2389-1 SUSE-SU-2019:2413-1 SUSE-SU-2020:0528-1 SUSE-SU-2020:1227-1 SUSE-SU-2020:1524-1 SUSE-SU-2020:1662-1 SUSE-SU-2020:1899-1 SUSE-SU-2020:2471-1 SUSE-SU-2020:3225-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libgit2-26-0.26.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information dnsmasq-2.78-lp151.5.3 is installed OR dnsmasq-utils-2.78-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libpython3_4m1_0-3.4.6-25.21 is installed OR python3-3.4.6-25.21 is installed OR python3-base-3.4.6-25.21 is installed OR python3-curses-3.4.6-25.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND squid-3.5.21-26.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openssh-7.2p2-74.42 is installed OR openssh-askpass-gnome-7.2p2-74.42 is installed OR openssh-fips-7.2p2-74.42 is installed OR openssh-helpers-7.2p2-74.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information groff-1.22.2-5 is installed OR groff-full-1.22.2-5 is installed OR gxditview-1.22.2-5 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpython2_7-1_0-2.7.17-28.42 is installed OR libpython2_7-1_0-32bit-2.7.17-28.42 is installed OR python-2.7.17-28.42 is installed OR python-32bit-2.7.17-28.42 is installed OR python-base-2.7.17-28.42 is installed OR python-base-32bit-2.7.17-28.42 is installed OR python-curses-2.7.17-28.42 is installed OR python-demo-2.7.17-28.42 is installed OR python-devel-2.7.17-28.42 is installed OR python-doc-2.7.17-28.42 is installed OR python-doc-pdf-2.7.17-28.42 is installed OR python-gdbm-2.7.17-28.42 is installed OR python-idle-2.7.17-28.42 is installed OR python-rpm-macros-20200207.5feb6c1-3.19 is installed OR python-tk-2.7.17-28.42 is installed OR python-xml-2.7.17-28.42 is installed OR shared-python-startup-0.1-1.3 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND squid-3.5.21-26.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-Twisted-15.2.1-9.5 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.1-11.37 is installed
BACK