RHSA-2017:0183-01 -- Redhat squid34ID: oval:org.secpod.oval:def:501969 | Date: (C)2017-01-25 (M)2023-12-20 |
Class: PATCH | Family: unix |
The squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections
Platform: |
Red Hat Enterprise Linux 6 |