Advisories ยป MGASA-2014-0168

Updated squid packages fix CVE-2014-0128

Publication date: 09 Apr 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-0128

Description

Updated squid packages fix security vulnerability:

Due to incorrect state management, Squid before 3.3.12 is vulnerable to a
denial of service attack when processing certain HTTPS requests if the
SSL-Bump feature is enabled (CVE-2014-0128).
                

References

SRPMS

4/core