SUSE-SU-2020:1227-1 -- SLES squidID: oval:org.secpod.oval:def:89000275 | Date: (C)2021-02-19 (M)2024-05-09 |
Class: PATCH | Family: unix |
This update for squid fixes the following issues: - CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses . - CVE-2020-11945: fixes a potential remote execution vulnerability when using HTTP Digest Authentication . - CVE-2019-12520, CVE-2019-12524: fixes a potential ACL bypass, cache-bypass and cross-site scripting attack when processing invalid HTTP Request messages .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP4 |