exploitDog

SUSE-SU-2018:3790-1

Опубликовано: 16 нояб. 2018

Источник: suse-cvrf

Описание

Security update for squid3

This update for squid3 fixes the following issues:

Security issue fixed:

CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668).

Список пакетов

SUSE Linux Enterprise Server 11 SP4

squid3-3.1.23-8.16.37.9.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

squid3-3.1.23-8.16.37.9.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20183790-1/
Link for SUSE-SU-2018:3790-1
https://lists.suse.com/pipermail/sle-security-updates/2018-November/004861.html
E-Mail link for SUSE-SU-2018:3790-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1113668
SUSE Bug 1113668
https://www.suse.com/security/cve/CVE-2018-19131/
SUSE CVE CVE-2018-19131 page

Описание

Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.

Затронутые продукты

SUSE Linux Enterprise Server 11 SP4:squid3-3.1.23-8.16.37.9.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4:squid3-3.1.23-8.16.37.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-19131.html
CVE-2018-19131
https://bugzilla.suse.com/1113668
SUSE Bug 1113668