Bug 40834
| Summary: | squid3: Denial of service (4.1) | ||
|---|---|---|---|
| Product: | UCS | Reporter: | Arvid Requate <requate> |
| Component: | Security updates | Assignee: | Arvid Requate <requate> |
| Status: | CLOSED FIXED | QA Contact: | Daniel Tröder <troeder> |
| Severity: | normal | ||
| Priority: | P4 | CC: | gohmann, requate |
| Version: | UCS 4.1 | ||
| Target Milestone: | UCS 4.1-4-errata | ||
| Hardware: | Other | ||
| OS: | Linux | ||
| What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
| Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
| User Pain: | Enterprise Customer affected?: | ||
| School Customer affected?: | ISV affected?: | ||
| Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
| Ticket number: | Bug group (optional): | Security | |
| Max CVSS v3 score: | |||
| Bug Depends on: | |||
| Bug Blocks: | 42563, 43408 | ||
|
Description
Arvid Requate
Upstream Debian package version 3.1.20-2.2+deb7u4 fixes this issue: * http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response. (CVE-2016-2571) Upstream Debian package version 3.1.20-2.2+deb7u5 fixes these issues: * CVE-2016-4051: Buffer overflow in cachemgr.cgi. * CVE-2016-4052: Multiple stack-based buffer overflows by wrongly handling Edge Side Includes (ESI) responses. * CVE-2016-4053: Public information disclosure of the server stack layout when processing ESI responses. * CVE-2016-4054: Remote code execution when processing ESI responses. * CVE-2016-4554: Header Smuggling issue in HTTP Request processing. * CVE-2016-4555 and CVE-2016-4556: Denial of Service when processing Advisory: squid3.yaml OK: DEBIAN_FRONTEND=noninteractive apt-get install --reinstall squid3 OK: automatic tests: ucs-test -E dangerous -s proxy OK: advisory |