CESA-2017:0182 -- centos 7 squidID: oval:org.secpod.oval:def:204087 | Date: (C)2017-01-31 (M)2022-10-10 |
Class: PATCH | Family: unix |
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections