Advisories ยป MGASA-2014-0192

Updated squid package fixes CVE-2014-0128

Publication date: 24 Apr 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2014-0128

Description

Updated squid packages fix security vulnerability:

Due to incorrect state management, Squid before 3.3.12 is vulnerable to a
denial of service attack when processing certain HTTPS requests if the
SSL-Bump feature is enabled (CVE-2014-0128).
                

References

SRPMS

3/core