Oval Definition:	oval:org.opensuse.security:def:64014
Revision Date: 2020-12-01 Version: 1 Title: Security update for squid (Important) Description: This update for squid fixes the following issues: - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway (bsc#1162689). - CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326). - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329). - CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328). - CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323). - CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324). - CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy (bsc#1162687). - CVE-2020-8450: Fixed a buffer overflow when squid is acting as reverse-proxy (bsc#1162687). - CVE-2020-8517: Fixed a buffer overflow in ext_lm_group_acl when processing NTLM Authentication credentials (bsc#1162691). Family: unix Class: patch Status: Reference(s): 1118087 1134856 1139884 1139885 1139886 1140100 1140102 1140103 1140104 1140105 1140106 1140110 1140111 1140501 1140513 1140520 1140534 1140538 1140543 1140545 1140547 1140549 1140552 1140554 1140664 1140665 1140666 1140667 1140668 1140669 1140673 1141171 1149126 1149429 1151186 1152778 1153879 1154738 1156015 1156323 1156324 1156326 1156328 1156329 1162687 1162689 1162691 1168994 1173812 1174463 1174570 1174910 1174913 1176733 1178588 1178630 1178703 CVE-2018-16868 CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-12523 CVE-2019-12526 CVE-2019-12528 CVE-2019-12974 CVE-2019-12975 CVE-2019-12976 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979 CVE-2019-13133 CVE-2019-13134 CVE-2019-13135 CVE-2019-13136 CVE-2019-13137 CVE-2019-13295 CVE-2019-13296 CVE-2019-13297 CVE-2019-13298 CVE-2019-13299 CVE-2019-13300 CVE-2019-13301 CVE-2019-13302 CVE-2019-13303 CVE-2019-13304 CVE-2019-13305 CVE-2019-13306 CVE-2019-13307 CVE-2019-13308 CVE-2019-13309 CVE-2019-13310 CVE-2019-13311 CVE-2019-13391 CVE-2019-13454 CVE-2019-15903 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-5068 CVE-2020-10713 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-14361 CVE-2020-14362 CVE-2020-15706 CVE-2020-15707 CVE-2020-16013 CVE-2020-16016 CVE-2020-16017 CVE-2020-26117 CVE-2020-26950 CVE-2020-8449 CVE-2020-8450 CVE-2020-8517 openSUSE-SU-2019:1477-1 openSUSE-SU-2019:1983-1 openSUSE-SU-2019:2452-1 openSUSE-SU-2020:0084-1 openSUSE-SU-2020:1374-1 SUSE-SU-2020:0661-1 SUSE-SU-2020:2881-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information gnutls-3.6.7-lp151.2.3 is installed OR gnutls-guile-3.6.7-lp151.2.3 is installed OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed OR libgnutls-dane0-3.6.7-lp151.2.3 is installed OR libgnutls-devel-3.6.7-lp151.2.3 is installed OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed OR libgnutls30-3.6.7-lp151.2.3 is installed OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed OR libgnutlsxx28-3.6.7-lp151.2.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information chromedriver-86.0.4240.198-lp152.2.48 is installed OR chromium-86.0.4240.198-lp152.2.48 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND squid-3.5.21-26.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information MozillaFirefox-78.4.1-112.32 is installed OR MozillaFirefox-devel-78.4.1-112.32 is installed OR MozillaFirefox-translations-common-78.4.1-112.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information libXvnc1-1.6.0-22.17 is installed OR tigervnc-1.6.0-22.17 is installed OR xorg-x11-Xvnc-1.6.0-22.17 is installed
BACK