Overview

File _patchinfo of Package patchinfo.6788

<patchinfo incident="6788">
  <issue id="1077003" tracker="bnc">VUL-0: CVE-2018-1000024: squid,squid3: SQUID-2018_1 Denial of Service issue in ESI Response processing.</issue>
  <issue id="1077006" tracker="bnc">VUL-0: CVE-2018-1000027: squid,squid3: SQUID-2018_2 Denial of Service issue in HTTP Message processing.</issue>
  <issue id="2018-1000024" tracker="cve" />
  <issue id="2018-1000027" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>adamm</packager>
  <description>This update for squid fixes the following issues:

Security issues fixed:

- CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI
  responses. This affects the default custom esi_parser (bsc#1077003).
- CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien processing ESI
  responses or downloading intermediate CA certificates (bsc#1077006).
</description>
  <summary>Security update for squid</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places