mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
Files
krogoth-next
meta-openembedded/meta-networking/recipes-daemons/squid
T
History
Catalin Enache 7166a2daec squid: CVE-2016-4553 
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10
does not properly ignore the Host header when absolute-URI
is provided, which allows remote attackers to conduct
cache-poisoning attacks via an HTTP request.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4553

Backported upstream patch:
http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-14039.patch

Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
(cherry picked from commit d46c89ae44)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2016-08-16 10:29:39 -07:00
..
files
squid: CVE-2016-4553
2016-08-16 10:29:39 -07:00
squid_3.5.7.bb
squid: CVE-2016-4553
2016-08-16 10:29:39 -07:00