Описание
Security update for squidGuard
squidGuard was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-8936: Reflected cross site scripting vulnerability because of insufficient escaping (bsc#985612).
Список пакетов
SUSE Linux Enterprise Server 12 SP1
squidGuard-1.4-27.1
squidGuard-doc-1.4-27.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
squidGuard-1.4-27.1
squidGuard-doc-1.4-27.1
Ссылки
- Link for SUSE-SU-2016:2511-1
- E-Mail link for SUSE-SU-2016:2511-1
- SUSE Security Ratings
- SUSE Bug 985612
- SUSE CVE CVE-2015-8936 page
Описание
Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote attackers to inject arbitrary web script or HTML via a blocked site link.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1:squidGuard-1.4-27.1
SUSE Linux Enterprise Server 12 SP1:squidGuard-doc-1.4-27.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:squidGuard-1.4-27.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:squidGuard-doc-1.4-27.1
Ссылки
- CVE-2015-8936
- SUSE Bug 985612