MGASA-2019-0382
- Source
- https://advisories.mageia.org/MGASA-2019-0382.html
- Import Source
- https://advisories.mageia.org/MGASA-2019-0382.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2019-0382
- Related
- Published
- 2019-12-13T18:25:24Z
- Modified
- 2019-12-13T18:00:42Z
- Summary
- Updated squid packages fix security vulnerabilities
- Details
-
Potential remote code execution during URN processing (CVE-2019-12526).
Multiple improper validations in URI processing (CVE-2019-12523, CVE-2019-18676).
Cross-Site Request Forgery in HTTP Request processing (CVE-2019-18677).
Incorrect message parsing which could have led to HTTP request splitting issue (CVE-2019-18678).
Information disclosure when processing HTTP Digest Authentication (CVE-2019-18679).
- References
-
- https://advisories.mageia.org/MGASA-2019-0382.html
- https://bugs.mageia.org/show_bug.cgi?id=25812
- http://www.squid-cache.org/Advisories/SQUID-2019_7.txt
- http://www.squid-cache.org/Advisories/SQUID-2019_8.txt
- http://www.squid-cache.org/Advisories/SQUID-2019_9.txt
- http://www.squid-cache.org/Advisories/SQUID-2019_10.txt
- http://www.squid-cache.org/Advisories/SQUID-2019_11.txt
- https://lists.opensuse.org/opensuse-updates/2019-11/msg00119.html
- Credits
-
-
- Mageia - COORDINATOR
-