Overview

File _patchinfo of Package patchinfo.9414

<patchinfo incident="9414">
  <issue tracker="bnc" id="1113669">VUL-0: CVE-2018-19132: squid: small memory leak in processing of SNMP packets</issue>
  <issue tracker="bnc" id="1113668">VUL-0: CVE-2018-19131: squid: Cross-Site Scripting vulnerability in the TLS error handling</issue>
  <issue tracker="bnc" id="1112066">Squid running with a workers N parameter does not allow connection via http</issue>
  <issue tracker="bnc" id="1082318">Packages must not mark license files as %doc</issue>
  <issue tracker="bnc" id="1112695">Squid does not listen on http_port, when workers set to 2 or more</issue>
  <issue tracker="cve" id="2018-19132"/>
  <issue tracker="cve" id="2018-19131"/>
  <category>security</category>
  <rating>important</rating>
  <packager>adamm</packager>
  <description>This update for squid fixes the following issues:

Security issues fixed:

- CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668).
- CVE-2018-19132: Fixed small memory leak in processing of SNMP packets (bsc#1113669).

Non-security issues fixed:

- Create runtime directories needed when SMP mode is enabled (bsc#1112695, bsc#1112066).
- Install license correctly (bsc#1082318).
</description>
  <summary>Security update for squid</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places