File _patchinfo of Package patchinfo.16313

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.16313

<patchinfo incident="16313">
  <issue tracker="bnc" id="1175665">VUL-0: CVE-2020-15811: squid: HTTP Request Splitting  could result in cache poisoning</issue>
  <issue tracker="bnc" id="1175664">VUL-0: CVE-2020-15810: squid: HTTP Request Smuggling could result in cache poisoning</issue>
  <issue tracker="bnc" id="1173455">VUL-0: CVE-2020-15049: squid: multiple Cache Poisoning Issue in HTTP Request processing</issue>
  <issue tracker="bnc" id="1175671">VUL-0: CVE-2020-24606: squid: Denial of Service processing Cache Digest Response (SQUID-2020:9)</issue>
  <issue tracker="cve" id="2020-24606"/>
  <issue tracker="cve" id="2020-15049"/>
  <issue tracker="cve" id="2020-15811"/>
  <issue tracker="cve" id="2020-15810"/>
  <packager>adamm</packager>
  <rating>critical</rating>
  <category>security</category>
  <summary>Security update for squid</summary>
  <description>This update for squid fixes the following issues:

squid was updated to version 4.13:

- CVE-2020-24606: Fix livelocking in peerDigestHandleReply (bsc#1175671).
- CVE-2020-15811: Improve Transfer-Encoding handling (bsc#1175665).
- CVE-2020-15810: Enforce token characters for field-name (bsc#1175664).
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.16313

Places