Oval Definition:	oval:org.opensuse.security:def:60062
Revision Date: 2020-12-01 Version: 1 Title: Security update for squid (Important) Description: This update for squid fixes the following issues: - CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (bsc#1169659). - CVE-2020-11945: fixes a potential remote execution vulnerability when using HTTP Digest Authentication (bsc#1170313). - CVE-2019-12520, CVE-2019-12524: fixes a potential ACL bypass, cache-bypass and cross-site scripting attack when processing invalid HTTP Request messages (bsc#1170423). Family: unix Class: patch Status: Reference(s): 1002573 1026236 1027519 1035231 1043983 1046637 1048072 1049578 1051787 1051788 1051789 1052686 1055265 1055695 1056286 1056782 1058754 1058755 1058757 1062452 1069607 1069632 1073002 1078782 1082007 1082008 1082009 1082010 1082011 1082014 1082058 1087433 1087434 1087436 1087437 1087440 1087441 1109673 1112530 1112532 1120281 1130611 1130617 1130620 1130622 1130623 1130627 1152990 1152992 1152994 1152995 1160968 1162972 1163985 1169511 1169659 1170313 1170423 1170771 1171352 1171517 1172275 1172277 1172402 1173100 1173477 1173659 1173661 1173663 1173664 1173665 1173666 1173691 1173694 1173700 1173701 1173743 1173867 1173869 1173874 1173875 1173876 1173880 1173942 1173963 1174247 1177943 CVE-2014-2497 CVE-2014-9654 CVE-2014-9709 CVE-2015-1191 CVE-2015-9096 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-2339 CVE-2016-5116 CVE-2016-6128 CVE-2016-6132 CVE-2016-6161 CVE-2016-6207 CVE-2016-6214 CVE-2016-6905 CVE-2016-6906 CVE-2016-6911 CVE-2016-6912 CVE-2016-7568 CVE-2016-7798 CVE-2016-8670 CVE-2016-9317 CVE-2016-9933 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10664 CVE-2017-10784 CVE-2017-11434 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2017-18922 CVE-2017-9228 CVE-2017-9229 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-1000845 CVE-2018-16395 CVE-2018-16396 CVE-2018-17407 CVE-2018-21247 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2019-0155 CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12524 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14895 CVE-2019-14901 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-16746 CVE-2019-18680 CVE-2019-19447 CVE-2019-20839 CVE-2019-20840 CVE-2019-2949 CVE-2019-4732 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2019-9458 CVE-2020-10663 CVE-2020-11668 CVE-2020-11945 CVE-2020-12243 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-14331 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 CVE-2020-1720 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 SUSE-SU-2017:2327-2 SUSE-SU-2018:3033-1 SUSE-SU-2019:0179-1 SUSE-SU-2020:0528-1 SUSE-SU-2020:1193-1 SUSE-SU-2020:1563-1 SUSE-SU-2020:1570-1 SUSE-SU-2020:2167-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND sudo-1.8.22-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND clementine-1.3.1-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND squid-3.5.21-26.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND gd-2.1.0-23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND binutils-2.32-9.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libldap-2_4-2-2.4.41-18.68 is installed OR libldap-2_4-2-32bit-2.4.41-18.68 is installed OR openldap2-2.4.41-18.68 is installed OR openldap2-back-meta-2.4.41-18.68 is installed OR openldap2-client-2.4.41-18.68 is installed OR openldap2-doc-2.4.41-18.68 is installed OR openldap2-ppolicy-check-password-1.2-18.68 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ovmf-2017+git1492060560.b6d11d7c46-4.12 is installed OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.12 is installed OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cvs-1.12.12-182.3 is installed OR cvs-doc-1.12.12-182.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information tomcat-9.0.36-3.42 is installed OR tomcat-admin-webapps-9.0.36-3.42 is installed OR tomcat-docs-webapp-9.0.36-3.42 is installed OR tomcat-el-3_0-api-9.0.36-3.42 is installed OR tomcat-javadoc-9.0.36-3.42 is installed OR tomcat-jsp-2_3-api-9.0.36-3.42 is installed OR tomcat-lib-9.0.36-3.42 is installed OR tomcat-servlet-4_0-api-9.0.36-3.42 is installed OR tomcat-webapps-9.0.36-3.42 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.5-30.63 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.5-30.63 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.5-30.63 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.5-30.63 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information grub2-2.02-12.39 is installed OR grub2-i386-pc-2.02-12.39 is installed OR grub2-snapper-plugin-2.02-12.39 is installed OR grub2-systemd-sleep-plugin-2.02-12.39 is installed OR grub2-x86_64-efi-2.02-12.39 is installed OR grub2-x86_64-xen-2.02-12.39 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND squid-3.5.21-26.32 is installed
BACK