PT-2013-2152 · Suse+2 · Squid3
Published
2013-10-04
·
Updated
2016-08-16
·
CVE-2013-0188
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
This update for squid3 fixes the following issues:
-
Multiple issues in pinger ICMP processing. (CVE-2014-7141, CVE-2014-7142)
-
CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. (bsc#973782)
-
CVE-2016-4554: fix header smuggling issue in HTTP Request processing (bsc#979010)
-
Fix multiple Denial of Service issues in HTTP Response processing. (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc#968392, bsc#968393, bsc#968394, bsc#968395)
-
Regression caused by the DoS fixes above (bsc#993299)
-
CVE-2016-3948: Fix denial of service in HTTP Response processing (bsc#973783)
-
CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)
-
CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:
- fixes multiple issues in ESI processing (bsc#976556)
-
CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)
-
CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)
-
CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)
-
Memory leak in squid3 when using external acl (bsc#976708)
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Squid3