MGASA-2015-0347

Source
https://advisories.mageia.org/MGASA-2015-0347.html
Import Source
https://advisories.mageia.org/MGASA-2015-0347.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2015-0347
Related
Published
2015-09-08T17:55:59Z
Modified
2015-09-08T17:18:00Z
Summary
Updated squid packages fix CVE-2015-5400
Details

Updated squid packages fix security vulnerability:

Alex Rousskov discovered that Squid configured with cache_peer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. In some configurations, it allows remote clients to bypass security in an explicit gateway proxy (CVE-2015-5400).

References
Credits

Affected packages

Mageia:5 / squid

Package

Name
squid
Purl
pkg:rpm/mageia/squid?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.13-1.1.mga5

Ecosystem specific

{
    "section": "core"
}