advisories/10516.mga2.adv

type: security
subject: Updated squid packages fix security vulnerability
CVE:
 - CVE-2013-4115
src:
  2:
   core:
     - squid-3.1.19-4.4.mga2
description: |
  Due to incorrect data validation Squid is vulnerable to a buffer overflow
  attack when processing specially crafted HTTP requests. This problem allows
  any trusted client or client script who can generate HTTP requests to trigger
  a buffer overflow in Squid, resulting in a termination of the Squid service
  (CVE-2013-4115).
references:
 - https://bugs.mageia.org/show_bug.cgi?id=10516
 - http://www.squid-cache.org/Advisories/SQUID-2013_2.txt
ID: MGASA-2013-0227
1	davidwhodgins	221	type: security
2			subject: Updated squid packages fix security vulnerability
3			CVE:
4			- CVE-2013-4115
5			src:
6			2:
7			core:
8			- squid-3.1.19-4.4.mga2
9			description: \|
10			Due to incorrect data validation Squid is vulnerable to a buffer overflow
11			attack when processing specially crafted HTTP requests. This problem allows
12			any trusted client or client script who can generate HTTP requests to trigger
13			a buffer overflow in Squid, resulting in a termination of the Squid service
14			(CVE-2013-4115).
15			references:
16	davidwhodgins	222	- https://bugs.mageia.org/show_bug.cgi?id=10516
17	davidwhodgins	221	- http://www.squid-cache.org/Advisories/SQUID-2013_2.txt
18	tmb	250	ID: MGASA-2013-0227