Oval Definition:oval:org.opensuse.security:def:64014
Revision Date:2020-12-01Version:1
Title:Security update for squid (Important)
Description:

This update for squid fixes the following issues:

- CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway (bsc#1162689). - CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326). - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329). - CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328). - CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323). - CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324). - CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy (bsc#1162687). - CVE-2020-8450: Fixed a buffer overflow when squid is acting as reverse-proxy (bsc#1162687). - CVE-2020-8517: Fixed a buffer overflow in ext_lm_group_acl when processing NTLM Authentication credentials (bsc#1162691).
Family:unixClass:patch
Status:Reference(s):1118087
1134856
1139884
1139885
1139886
1140100
1140102
1140103
1140104
1140105
1140106
1140110
1140111
1140501
1140513
1140520
1140534
1140538
1140543
1140545
1140547
1140549
1140552
1140554
1140664
1140665
1140666
1140667
1140668
1140669
1140673
1141171
1149126
1149429
1151186
1152778
1153879
1154738
1156015
1156323
1156324
1156326
1156328
1156329
1162687
1162689
1162691
1168994
1173812
1174463
1174570
1174910
1174913
1176733
1178588
1178630
1178703
CVE-2018-16868
CVE-2019-11757
CVE-2019-11758
CVE-2019-11759
CVE-2019-11760
CVE-2019-11761
CVE-2019-11762
CVE-2019-11763
CVE-2019-11764
CVE-2019-12523
CVE-2019-12526
CVE-2019-12528
CVE-2019-12974
CVE-2019-12975
CVE-2019-12976
CVE-2019-12977
CVE-2019-12978
CVE-2019-12979
CVE-2019-13133
CVE-2019-13134
CVE-2019-13135
CVE-2019-13136
CVE-2019-13137
CVE-2019-13295
CVE-2019-13296
CVE-2019-13297
CVE-2019-13298
CVE-2019-13299
CVE-2019-13300
CVE-2019-13301
CVE-2019-13302
CVE-2019-13303
CVE-2019-13304
CVE-2019-13305
CVE-2019-13306
CVE-2019-13307
CVE-2019-13308
CVE-2019-13309
CVE-2019-13310
CVE-2019-13311
CVE-2019-13391
CVE-2019-13454
CVE-2019-15903
CVE-2019-18676
CVE-2019-18677
CVE-2019-18678
CVE-2019-18679
CVE-2019-5068
CVE-2020-10713
CVE-2020-14308
CVE-2020-14309
CVE-2020-14310
CVE-2020-14311
CVE-2020-14361
CVE-2020-14362
CVE-2020-15706
CVE-2020-15707
CVE-2020-16013
CVE-2020-16016
CVE-2020-16017
CVE-2020-26117
CVE-2020-26950
CVE-2020-8449
CVE-2020-8450
CVE-2020-8517
openSUSE-SU-2019:1477-1
openSUSE-SU-2019:1983-1
openSUSE-SU-2019:2452-1
openSUSE-SU-2020:0084-1
openSUSE-SU-2020:1374-1
SUSE-SU-2020:0661-1
SUSE-SU-2020:2881-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gnutls-3.6.7-lp151.2.3 is installed
  • OR gnutls-guile-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane0-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx28-3.6.7-lp151.2.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • chromedriver-86.0.4240.198-lp152.2.48 is installed
  • OR chromium-86.0.4240.198-lp152.2.48 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND squid-3.5.21-26.20 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-78.4.1-112.32 is installed
  • OR MozillaFirefox-devel-78.4.1-112.32 is installed
  • OR MozillaFirefox-translations-common-78.4.1-112.32 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • libXvnc1-1.6.0-22.17 is installed
  • OR tigervnc-1.6.0-22.17 is installed
  • OR xorg-x11-Xvnc-1.6.0-22.17 is installed
  • BACK