Oval Definition:oval:org.opensuse.security:def:60829
Revision Date:2020-12-01Version:1
Title:Security update for squid (Important)
Description:

This update for squid fixes the following issues:

- CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway (bsc#1162689). - CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326). - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329). - CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328). - CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323). - CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324). - CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy (bsc#1162687). - CVE-2020-8450: Fixed a buffer overflow when squid is acting as reverse-proxy (bsc#1162687). - CVE-2020-8517: Fixed a buffer overflow in ext_lm_group_acl when processing NTLM Authentication credentials (bsc#1162691).
Family:unixClass:patch
Status:Reference(s):1019074
1030472
1030476
1033084
1033085
1033087
1033088
1033089
1033090
1047873
1052916
1057247
1086036
1096985
1100097
1101295
1104129
1104448
1106390
1106515
1107067
1111973
1112723
1112726
1114592
1115960
1116846
1117632
1118900
1120657
1123685
1125007
1125893
1126068
1126069
1126088
1132593
1132666
1133185
1135254
1136035
1136446
1137597
1138034
1140747
1141121
1141676
1141897
1142649
1142654
1143215
1145796
1146578
1148158
1148383
1148517
1149145
1150895
1156323
1156324
1156326
1156328
1156329
1159913
1162687
1162689
1162691
1165631
1167373
1169740
1170771
1171355
1172651
1173304
1173334
917802
CVE-2015-3448
CVE-2016-10127
CVE-2016-10254
CVE-2016-10255
CVE-2017-11108
CVE-2017-11541
CVE-2017-11542
CVE-2017-11543
CVE-2017-12893
CVE-2017-12894
CVE-2017-12895
CVE-2017-12896
CVE-2017-12897
CVE-2017-12898
CVE-2017-12899
CVE-2017-12900
CVE-2017-12901
CVE-2017-12902
CVE-2017-12985
CVE-2017-12986
CVE-2017-12987
CVE-2017-12988
CVE-2017-12989
CVE-2017-12990
CVE-2017-12991
CVE-2017-12992
CVE-2017-12993
CVE-2017-12994
CVE-2017-12995
CVE-2017-12996
CVE-2017-12997
CVE-2017-12998
CVE-2017-12999
CVE-2017-13000
CVE-2017-13001
CVE-2017-13002
CVE-2017-13003
CVE-2017-13004
CVE-2017-13005
CVE-2017-13006
CVE-2017-13007
CVE-2017-13008
CVE-2017-13009
CVE-2017-13010
CVE-2017-13011
CVE-2017-13012
CVE-2017-13013
CVE-2017-13014
CVE-2017-13015
CVE-2017-13016
CVE-2017-13017
CVE-2017-13018
CVE-2017-13019
CVE-2017-13020
CVE-2017-13021
CVE-2017-13022
CVE-2017-13023
CVE-2017-13024
CVE-2017-13025
CVE-2017-13026
CVE-2017-13027
CVE-2017-13028
CVE-2017-13029
CVE-2017-13030
CVE-2017-13031
CVE-2017-13032
CVE-2017-13033
CVE-2017-13034
CVE-2017-13035
CVE-2017-13036
CVE-2017-13037
CVE-2017-13038
CVE-2017-13039
CVE-2017-13040
CVE-2017-13041
CVE-2017-13042
CVE-2017-13043
CVE-2017-13044
CVE-2017-13045
CVE-2017-13046
CVE-2017-13047
CVE-2017-13048
CVE-2017-13049
CVE-2017-13050
CVE-2017-13051
CVE-2017-13052
CVE-2017-13053
CVE-2017-13054
CVE-2017-13055
CVE-2017-13687
CVE-2017-13688
CVE-2017-13689
CVE-2017-13690
CVE-2017-13725
CVE-2017-2885
CVE-2017-7607
CVE-2017-7608
CVE-2017-7610
CVE-2017-7611
CVE-2017-7612
CVE-2017-7613
CVE-2018-10873
CVE-2018-10893
CVE-2018-12910
CVE-2018-15727
CVE-2018-16062
CVE-2018-16403
CVE-2018-16476
CVE-2018-18310
CVE-2018-18520
CVE-2018-18521
CVE-2018-19039
CVE-2018-558213
CVE-2018-5740
CVE-2018-5743
CVE-2018-5745
CVE-2018-8956
CVE-2019-10164
CVE-2019-11477
CVE-2019-11478
CVE-2019-12523
CVE-2019-12523
CVE-2019-12526
CVE-2019-12526
CVE-2019-12528
CVE-2019-12528
CVE-2019-13611
CVE-2019-14250
CVE-2019-15043
CVE-2019-15847
CVE-2019-18676
CVE-2019-18676
CVE-2019-18677
CVE-2019-18677
CVE-2019-18678
CVE-2019-18678
CVE-2019-18679
CVE-2019-18679
CVE-2019-18860
CVE-2019-2614
CVE-2019-2627
CVE-2019-2628
CVE-2019-3846
CVE-2019-5108
CVE-2019-5477
CVE-2019-6465
CVE-2019-7150
CVE-2019-7665
CVE-2020-11868
CVE-2020-12243
CVE-2020-13817
CVE-2020-14059
CVE-2020-15025
CVE-2020-1749
CVE-2020-8449
CVE-2020-8449
CVE-2020-8450
CVE-2020-8450
CVE-2020-8517
CVE-2020-8517
SUSE-SU-2017:2854-1
SUSE-SU-2018:2595-1
SUSE-SU-2019:0152-1
SUSE-SU-2019:2867-1
SUSE-SU-2020:0394-1
SUSE-SU-2020:0661-1
SUSE-SU-2020:1193-1
SUSE-SU-2020:1803-1
SUSE-SU-2020:1805-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • python-requests-2.20.1-lp151.2.3 is installed
  • OR python-requests-test-2.20.1-lp151.2.3 is installed
  • OR python2-requests-2.20.1-lp151.2.3 is installed
  • OR python2-requests-test-2.20.1-lp151.2.3 is installed
  • OR python3-requests-2.20.1-lp151.2.3 is installed
  • OR python3-requests-test-2.20.1-lp151.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • chocolate-doom-3.0.1-lp152.4.3 is installed
  • OR chocolate-doom-bash-completion-3.0.1-lp152.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND tcpdump-4.9.2-14.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND squid-3.5.21-26.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_176-94_88-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_24-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libsoup-2.62.2-5.7 is installed
  • OR libsoup-2_4-1-2.62.2-5.7 is installed
  • OR libsoup-2_4-1-32bit-2.62.2-5.7 is installed
  • OR libsoup-lang-2.62.2-5.7 is installed
  • OR typelib-1_0-Soup-2_4-2.62.2-5.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libXtst6-1.2.2-7 is installed
  • OR libXtst6-32bit-1.2.2-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND golang-github-prometheus-node_exporter-0.18.1-1.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND squid-3.5.21-26.20 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • xen-4.11.4_04-2.30 is installed
  • OR xen-doc-html-4.11.4_04-2.30 is installed
  • OR xen-libs-4.11.4_04-2.30 is installed
  • OR xen-libs-32bit-4.11.4_04-2.30 is installed
  • OR xen-tools-4.11.4_04-2.30 is installed
  • OR xen-tools-domU-4.11.4_04-2.30 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • crowbar-core-5.0+git.1569597589.1f025c557-3.32 is installed
  • OR crowbar-core-branding-upstream-5.0+git.1569597589.1f025c557-3.32 is installed
  • OR crowbar-ha-5.0+git.1567673535.607aada-3.26 is installed
  • OR crowbar-openstack-5.0+git.1570141351.058c8bd44-4.31 is installed
  • OR crowbar-ui-1.2.0+git.1568396400.0344a727-3.12 is installed
  • OR galera-3-25.3.25-4.6 is installed
  • OR galera-3-wsrep-provider-25.3.25-4.6 is installed
  • OR grafana-4.6.5-4.6 is installed
  • OR libmariadb3-3.1.2-3.12 is installed
  • OR mariadb-10.2.25-4.14 is installed
  • OR mariadb-client-10.2.25-4.14 is installed
  • OR mariadb-connector-c-3.1.2-3.12 is installed
  • OR mariadb-errormessages-10.2.25-4.14 is installed
  • OR mariadb-galera-10.2.25-4.14 is installed
  • OR mariadb-tools-10.2.25-4.14 is installed
  • OR novnc-1.0.0-3.6 is installed
  • OR openstack-cinder-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-api-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-backup-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-doc-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-volume-11.2.3~dev16-3.21 is installed
  • OR openstack-glance-15.0.3~dev3-3.12 is installed
  • OR openstack-glance-api-15.0.3~dev3-3.12 is installed
  • OR openstack-glance-doc-15.0.3~dev3-3.12 is installed
  • OR openstack-glance-registry-15.0.3~dev3-3.12 is installed
  • OR openstack-heat-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-api-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-api-cfn-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-api-cloudwatch-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-doc-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-engine-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-plugin-heat_docker-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-test-9.0.8~dev13-3.24 is installed
  • OR openstack-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed
  • OR openstack-keystone-12.0.4~dev4-5.27 is installed
  • OR openstack-keystone-doc-12.0.4~dev4-5.27 is installed
  • OR openstack-monasca-installer-20190923_16.32-3.9 is installed
  • OR openstack-neutron-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-doc-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-gbp-7.3.1~dev56-3.9 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-lbaas-11.0.4~dev6-3.15 is installed
  • OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.15 is installed
  • OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.15 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-server-11.0.9~dev51-3.24 is installed
  • OR openstack-nova-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-api-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-cells-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-compute-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-conductor-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-console-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-doc-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-placement-api-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-scheduler-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev7-3.29 is installed
  • OR python-amqp-2.2.2-3.6 is installed
  • OR python-cinder-11.2.3~dev16-3.21 is installed
  • OR python-glance-15.0.3~dev3-3.12 is installed
  • OR python-heat-9.0.8~dev13-3.24 is installed
  • OR python-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed
  • OR python-keystone-12.0.4~dev4-5.27 is installed
  • OR python-neutron-11.0.9~dev51-3.24 is installed
  • OR python-neutron-gbp-7.3.1~dev56-3.9 is installed
  • OR python-neutron-lbaas-11.0.4~dev6-3.15 is installed
  • OR python-nova-16.1.9~dev7-3.29 is installed
  • OR python-ovs-2.7.2-3.6 is installed
  • OR python-pysaml2-4.0.2-5.3 is installed
  • OR python-urllib3-1.22-5.9 is installed
  • OR release-notes-suse-openstack-cloud-8.20190911-3.20 is installed
  • OR ruby2.1-rubygem-easy_diff-1.0.0-3.4 is installed
  • OR rubygem-easy_diff-1.0.0-3.4 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Twisted-15.2.1-9.5 is installed
    • BACK