SUSE-SU-2020:0661-1 -- SLES squidID: oval:org.secpod.oval:def:89000336 | Date: (C)2021-02-23 (M)2024-02-19 |
Class: PATCH | Family: unix |
This update for squid fixes the following issues: - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing . - CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing . - CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue . - CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication . - CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy . - CVE-2020-8450: Fixed a buffer overflow when squid is acting as reverse-proxy . - CVE-2020-8517: Fixed a buffer overflow in ext_lm_group_acl when processing NTLM Authentication credentials .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP4 |