Overview

File _patchinfo of Package patchinfo.179

<patchinfo incident="179">
  <packager>draht</packager>
  <issue tracker="cve" id="CVE-2013-4115"></issue>
  <issue tracker="bnc" id="829084"></issue>
  <issue tracker="cve" id="CVE-2012-5643"></issue>
  <issue tracker="cve" id="CVE-2013-0188"></issue>
  <issue tracker="bnc" id="796999"></issue>
  <issue tracker="bnc" id="677335">VUL-0: logrotate:  issues with service owned directories</issue>
  <issue tracker="cve" id="CVE-2013-0189"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>security update for squid</summary>
  <description>This squid update includes several security fixes and
minor changes.

- squid-2.7.x-bnc829084-CVE-2013-4115-BO_request_handling.diff
  Squid advisory SQUID-2013_2, CVE-2013-4115, [bnc#829084]
  Specially crafted http requests can trigger a buffer overflow
  when squid attempts to resolve an overly long hostname.
- squid-2.7.x-bnc796999-bnc794954-CVE-2012-5643-CVE-2013-0188-cachemgr_cgi_dos.diff
  memory leak in cachemgr.cgi known as CVE-2013-0189, which is the
  underfixed CVE-2012-5643 problem. [bnc#796999] [bnc#794954]
- run logrotate as squid:nogroup [bnc#677335]</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places