|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2016-4553: squid: Cache Poisoning issue in HTTP Request handling | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Sebastian Krahmer <krahmer> |
| Component: | Incidents | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | amajer, meissner, security-team, smash_bz |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/168694/ | ||
| Whiteboard: | CVSSv2:SUSE:CVE-2016-4553:4.9:(AV:N/AC:M/Au:S/C:P/I:N/A:P) CVSSv2:RedHat:CVE-2016-4553:4.3:(AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSSv2:NVD:CVE-2016-4553:5.0:(AV:N/AC:L/Au:N/C:N/I:P/A:N) CVSSv3:NVD:CVE-2016-4553:8.6:(AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N) | ||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Sebastian Krahmer
2016-05-09 08:22:55 UTC
bugbot adjusting priority SUSE-SU-2016:1996-1: An update that fixes 25 vulnerabilities is now available. Category: security (important) Bug References: 895773,902197,938715,963539,967011,968392,968393,968394,968395,973782,973783,976553,976556,976708,979008,979009,979010,979011 CVE References: CVE-2011-3205,CVE-2011-4096,CVE-2012-5643,CVE-2013-0188,CVE-2013-4115,CVE-2014-0128,CVE-2014-6270,CVE-2014-7141,CVE-2014-7142,CVE-2015-5400,CVE-2016-2390,CVE-2016-2569,CVE-2016-2570,CVE-2016-2571,CVE-2016-2572,CVE-2016-3947,CVE-2016-3948,CVE-2016-4051,CVE-2016-4052,CVE-2016-4053,CVE-2016-4054,CVE-2016-4553,CVE-2016-4554,CVE-2016-4555,CVE-2016-4556 Sources used: SUSE Linux Enterprise Server 11-SP4 (src): squid3-3.1.23-8.16.27.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): squid3-3.1.23-8.16.27.1 SUSE-SU-2016:2008-1: An update that solves 16 vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 902197,929493,938715,955783,959290,963539,968392,968393,968394,968395,973782,973783,976553,976556,979008,979009,979010,979011 CVE References: CVE-2015-3455,CVE-2015-5400,CVE-2016-2569,CVE-2016-2570,CVE-2016-2571,CVE-2016-2572,CVE-2016-3947,CVE-2016-3948,CVE-2016-4051,CVE-2016-4052,CVE-2016-4053,CVE-2016-4054,CVE-2016-4553,CVE-2016-4554,CVE-2016-4555,CVE-2016-4556 Sources used: SUSE Linux Enterprise Server 12-SP1 (src): squid-3.3.14-20.2 openSUSE-SU-2016:2081-1: An update that solves 16 vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 902197,929493,938715,955783,959290,963539,968392,968393,968394,968395,973782,973783,976553,976556,979008,979009,979010,979011 CVE References: CVE-2015-3455,CVE-2015-5400,CVE-2016-2569,CVE-2016-2570,CVE-2016-2571,CVE-2016-2572,CVE-2016-3947,CVE-2016-3948,CVE-2016-4051,CVE-2016-4052,CVE-2016-4053,CVE-2016-4054,CVE-2016-4553,CVE-2016-4554,CVE-2016-4555,CVE-2016-4556 Sources used: openSUSE Leap 42.1 (src): squid-3.3.14-6.1 SUSE-SU-2016:2089-1: An update that fixes 25 vulnerabilities is now available. Category: security (important) Bug References: 895773,902197,938715,963539,967011,968392,968393,968394,968395,973782,973783,976553,976556,976708,979008,979009,979010,979011,993299 CVE References: CVE-2011-3205,CVE-2011-4096,CVE-2012-5643,CVE-2013-0188,CVE-2013-4115,CVE-2014-0128,CVE-2014-6270,CVE-2014-7141,CVE-2014-7142,CVE-2015-5400,CVE-2016-2390,CVE-2016-2569,CVE-2016-2570,CVE-2016-2571,CVE-2016-2572,CVE-2016-3947,CVE-2016-3948,CVE-2016-4051,CVE-2016-4052,CVE-2016-4053,CVE-2016-4054,CVE-2016-4553,CVE-2016-4554,CVE-2016-4555,CVE-2016-4556 Sources used: SUSE Linux Enterprise Server 11-SP4 (src): squid3-3.1.23-8.16.30.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): squid3-3.1.23-8.16.30.1 released This is an autogenerated message for OBS integration: This bug (979009) was mentioned in https://build.opensuse.org/request/show/701549 Factory / squid |