Back to bug 1312257

Who When What Removed Added
Andrej Nemec 2016-02-26 09:15:35 UTC Summary CVE-2016-2569 squid: some code paths fail to check bounds in string object CVE-2016-2569 CVE-2016-2570 squid: some code paths fail to check bounds in string object
Alias CVE-2016-2570
Andrej Nemec 2016-02-26 09:27:36 UTC Blocks 1312266
Andrej Nemec 2016-02-26 09:30:57 UTC Depends On 1312267
Adam Mariš 2016-03-02 15:09:38 UTC Blocks 1311588
CC amaris
Yasuhiro Ozone 2016-03-22 07:23:34 UTC CC yozone
Adam Mariš 2016-03-22 07:35:19 UTC Whiteboard impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,fedora-all/squid=affected,rhel-5/squid=affected,rhel-7/squid=affected impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,fedora-all/squid=affected,rhel-5/squid=new,rhel-6/squid=new,rhel-7/squid=new
Cedric Buissart 2016-03-23 15:01:56 UTC CC cbuissar
Cedric Buissart 2016-03-24 14:11:01 UTC Whiteboard impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,fedora-all/squid=affected,rhel-5/squid=new,rhel-6/squid=new,rhel-7/squid=new impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,fedora-all/squid=affected,rhel-5/squid=new,rhel-6/squid=affected,rhel-7/squid=affected
Cedric Buissart 2016-03-31 09:10:44 UTC Whiteboard impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,fedora-all/squid=affected,rhel-5/squid=new,rhel-6/squid=affected,rhel-7/squid=affected impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,fedora-all/squid=affected,rhel-5/squid=new,rhel-6/squid=affected,rhel-7/squid=affected
Cedric Buissart 2016-03-31 09:17:17 UTC Whiteboard impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,fedora-all/squid=affected,rhel-5/squid=new,rhel-6/squid=affected,rhel-7/squid=affected impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=new,rhel-6/squid=affected,rhel-7/squid=affected
Cedric Buissart 2016-03-31 09:56:58 UTC Whiteboard impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=new,rhel-6/squid=affected,rhel-7/squid=affected impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=affected,rhel-6/squid=affected,rhel-7/squid=affected
Cedric Buissart 2016-03-31 10:11:16 UTC Depends On 1322770
Cedric Buissart 2016-03-31 12:09:42 UTC Whiteboard impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=affected,rhel-6/squid=affected,rhel-7/squid=affected impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=wontfix,rhel-6/squid=wontfix,rhel-7/squid=affected
Cedric Buissart 2016-04-26 13:26:11 UTC Whiteboard impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=wontfix,rhel-6/squid=wontfix,rhel-7/squid=affected impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=wontfix,rhel-6/squid34=wontfix,rhel-6/squid=wontfix,rhel-7/squid=affected
Luboš Uhliarik 2016-06-13 13:56:34 UTC Status NEW ASSIGNED
Keigo Noha 2016-08-25 02:06:30 UTC CC knoha, security-response-team
Flags needinfo?(security-response-team)
Andrej Nemec 2016-08-25 07:43:56 UTC Flags needinfo?(security-response-team)
Cedric Buissart 2016-09-29 16:03:21 UTC Doc Text Incorrect boundary checks were found in the way squid handles headers in the HTTP response from a server, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid by replying to a request with specially a crafted header, causing a Denial of Service attack.
Tomas Hoger 2016-10-25 22:02:23 UTC Doc Text Incorrect boundary checks were found in the way squid handles headers in the HTTP response from a server, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid by replying to a request with specially a crafted header, causing a Denial of Service attack. Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response.
Whiteboard impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=wontfix,rhel-6/squid34=wontfix,rhel-6/squid=wontfix,rhel-7/squid=affected impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,rhel-5/squid=wontfix,rhel-6/squid34=wontfix,rhel-6/squid=wontfix,rhel-7/squid=affected,fedora-all/squid=affected
Cedric Buissart 2016-11-04 09:01:30 UTC Status ASSIGNED CLOSED
Resolution --- ERRATA
Last Closed 2016-11-04 05:01:30 UTC
Adam Mariš 2016-11-08 16:05:21 UTC CC amaris
Product Security DevOps Team 2019-09-29 13:45:06 UTC Whiteboard impact=moderate,public=20160224,reported=20160224,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,rhel-5/squid=wontfix,rhel-6/squid34=wontfix,rhel-6/squid=wontfix,rhel-7/squid=affected,fedora-all/squid=affected

Back to bug 1312257