Описание
Security update for squidGuard
squidGuard was updated to fix one security issue:
- CVE-2015-8936: Reflected cross site scripting vulnerability because of insufficient escaping (bsc#985612).
Список пакетов
SUSE Linux Enterprise Server 12 SP2
squidGuard-1.4-29.1
squidGuard-doc-1.4-29.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
squidGuard-1.4-29.1
squidGuard-doc-1.4-29.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
squidGuard-1.4-29.1
squidGuard-doc-1.4-29.1
Ссылки
- Link for SUSE-SU-2017:1411-1
- E-Mail link for SUSE-SU-2017:1411-1
- SUSE Security Ratings
- SUSE Bug 985612
- SUSE CVE CVE-2015-8936 page
Описание
Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote attackers to inject arbitrary web script or HTML via a blocked site link.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP2:squidGuard-1.4-29.1
SUSE Linux Enterprise Server 12 SP2:squidGuard-doc-1.4-29.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:squidGuard-1.4-29.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:squidGuard-doc-1.4-29.1
Ссылки
- CVE-2015-8936
- SUSE Bug 985612