Advisories ยป MGASA-2018-0458

Updated squid packages fix security vulnerabilities

Publication date: 17 Nov 2018
Modification date: 17 Nov 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-19131 , CVE-2018-19132

Description

Due to incorrect input handling, Squid is vulnerable to a Cross-Site
Scripting vulnerability when generating HTTPS response messages about
TLS errors (CVE-2018-19131).

Due to a memory leak in SNMP query rejection code, Squid is vulnerable
to a denial of service attack (CVE-2018-19132).
                

References

SRPMS

6/core