Advisories ยป MGASA-2019-0382

Updated squid packages fix security vulnerabilities

Publication date: 13 Dec 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-12523 , CVE-2019-12526 , CVE-2019-18676 , CVE-2019-18677 , CVE-2019-18678 , CVE-2019-18679

Description

Potential remote code execution during URN processing (CVE-2019-12526).

Multiple improper validations in URI processing (CVE-2019-12523,
CVE-2019-18676).

Cross-Site Request Forgery in HTTP Request processing (CVE-2019-18677).

Incorrect message parsing which could have led to HTTP request splitting
issue (CVE-2019-18678).

Information disclosure when processing HTTP Digest Authentication
(CVE-2019-18679).
                

References

SRPMS

7/core