Back to bug 1323594
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Andrej Nemec | 2016-04-04 07:52:00 UTC | Depends On | 1323591 | |
| Andrej Nemec | 2016-04-04 08:53:43 UTC | Blocks | 1323611 | |
| Cedric Buissart | 2016-04-07 09:21:01 UTC | CC | cbuissar | |
| Cedric Buissart | 2016-04-07 09:51:54 UTC | Depends On | 1322770 | |
| Cedric Buissart | 2016-04-26 13:29:03 UTC | Whiteboard | impact=moderate,public=20160401,reported=20160401,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=notaffected,rhel-6/squid=wontfix,rhel-7/squid=affected | impact=moderate,public=20160401,reported=20160401,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=notaffected,rhel-6/squid34=wontfix,rhel-6/squid=wontfix,rhel-7/squid=affected |
| Cedric Buissart | 2016-09-29 16:17:46 UTC | Doc Text | An incorrect boundary check was found in the way squid handles the Vary header in the HTTP response from a server, which could lead to an assertion failure. A malicious HTTP client and server could use this flaw to crash squid with specially a crafted header, causing a Denial of Service attack. | |
| Tomas Hoger | 2016-10-25 22:04:23 UTC | Doc Text | An incorrect boundary check was found in the way squid handles the Vary header in the HTTP response from a server, which could lead to an assertion failure. A malicious HTTP client and server could use this flaw to crash squid with specially a crafted header, causing a Denial of Service attack. | An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response. |
| Cedric Buissart | 2016-11-04 09:03:46 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-11-04 05:03:46 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:46:44 UTC | Whiteboard | impact=moderate,public=20160401,reported=20160401,source=oss-security,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cwe=CWE-617,fedora-all/squid=affected,rhel-5/squid=notaffected,rhel-6/squid34=wontfix,rhel-6/squid=wontfix,rhel-7/squid=affected |
Back to bug 1323594