Security update for squid3
SUSE Security Update: Security update for squid3
A remote DoS attack in the Squid web proxy has been fixed.
Due to incorrect state management, Squid was vulnerable to
a denial of service attack when processing certain HTTPS
requests (CVE-2014-0128).
For more information see
http://www.squid-cache.org/Advisories/SQUID-2014_1.txt
.
Additionally, a bug in the logrotate configuration file has
been fixed. The 'su' statement was moved into the
'logfile' section (bnc#677335).
Security Issue reference:
* CVE-2014-0128
>
Announcement ID: | SUSE-SU-2014:0569-1 |
Rating: | moderate |
References: | #677335 #867533 |
Affected Products: |
An update that solves one vulnerability and has one errata is now available.
Description:
A remote DoS attack in the Squid web proxy has been fixed.
Due to incorrect state management, Squid was vulnerable to
a denial of service attack when processing certain HTTPS
requests (CVE-2014-0128).
For more information see
http://www.squid-cache.org/Advisories/SQUID-2014_1.txt
Additionally, a bug in the logrotate configuration file has
been fixed. The 'su' statement was moved into the
'logfile' section (bnc#677335).
Security Issue reference:
* CVE-2014-0128
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP3 for VMware:
zypper in -t patch slessp3-squid3-9138
- SUSE Linux Enterprise Server 11 SP3:
zypper in -t patch slessp3-squid3-9138
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64):
- squid3-3.1.12-8.16.18.1
- SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64):
- squid3-3.1.12-8.16.18.1
References:
- http://support.novell.com/security/cve/CVE-2014-0128.html
- https://bugzilla.novell.com/677335
- https://bugzilla.novell.com/867533
- http://download.suse.com/patch/finder/?keywords=14a8781e229fe9480bf4955e3c10906e