MGASA-2015-0347

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0347.html

Import Source

https://advisories.mageia.org/MGASA-2015-0347.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2015-0347

Related

CVE-2015-5400

Published

2015-09-08T17:55:59Z

Modified

2015-09-08T17:18:00Z

Summary

Updated squid packages fix CVE-2015-5400

Details

Updated squid packages fix security vulnerability:

Alex Rousskov discovered that Squid configured with cache_peer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. In some configurations, it allows remote clients to bypass security in an explicit gateway proxy (CVE-2015-5400).

References

https://advisories.mageia.org/MGASA-2015-0347.html
https://bugs.mageia.org/show_bug.cgi?id=16304
http://www.squid-cache.org/Advisories/SQUID-2015_2.txt
https://www.debian.org/security/2015/dsa-3327

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2015-0347

Affected packages