File _patchinfo of Package patchinfo.1977

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.1977

<patchinfo>
  <issue id="794954" tracker="bnc">VUL-0: CVE-2012-5643: squid:  DoS via invalid Content-Length headers or via memory leaks</issue>
  <issue id="796999" tracker="bnc" />
  <issue id="677335" tracker="bnc">VUL-0: logrotate:  issues with service owned directories</issue>
  <issue id="829084" tracker="bnc" />
  <issue id="CVE-2013-0188" tracker="cve" />
  <issue id="CVE-2013-4115" tracker="cve" />
  <issue id="CVE-2012-5643" tracker="cve" />
  <issue id="CVE-2013-0189" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>draht</packager>
  <description>This squid update includes several security fixes and
minor changes.

- squid-2.7.x-bnc829084-CVE-2013-4115-BO_request_handling.diff
  Squid advisory SQUID-2013_2, CVE-2013-4115, [bnc#829084]
  Specially crafted http requests can trigger a buffer overflow
  when squid attempts to resolve an overly long hostname.
- squid-2.7.x-bnc796999-bnc794954-CVE-2012-5643-CVE-2013-0188-cachemgr_cgi_dos.diff
  memory leak in cachemgr.cgi known as CVE-2013-0189, which is the
  underfixed CVE-2012-5643 problem. [bnc#796999] [bnc#794954]
- run logrotate as squid:nogroup [bnc#677335]
</description>
  <summary>update for squid</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.1977

Places