MGASA-2019-0382

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2019-0382.html

Import Source

https://advisories.mageia.org/MGASA-2019-0382.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2019-0382

Related

Published

2019-12-13T18:25:24Z

Modified

2019-12-13T18:00:42Z

Summary

Updated squid packages fix security vulnerabilities

Details

Potential remote code execution during URN processing (CVE-2019-12526).

Multiple improper validations in URI processing (CVE-2019-12523, CVE-2019-18676).

Cross-Site Request Forgery in HTTP Request processing (CVE-2019-18677).

Incorrect message parsing which could have led to HTTP request splitting issue (CVE-2019-18678).

Information disclosure when processing HTTP Digest Authentication (CVE-2019-18679).

References

Credits

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.9-1.mga7

{
    "section": "core"
}