Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1334786 - (CVE-2016-4556) CVE-2016-4556 squid: SIGSEGV in ESIContext response handling
CVE-2016-4556 squid: SIGSEGV in ESIContext response handling
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20160506,repor...
: Security
Depends On: 1334489 1334490 1334491 1334492 1334499 1334500 1334787
Blocks: 1334247
  Show dependency treegraph
 
Reported: 2016-05-10 10:18 EDT by Cedric Buissart
Modified: 2016-06-27 07:48 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as reverse-proxy, for for TLS/HTTPS interception, an attacker controlling a server accessed by Squid, could crash the squid worker, causing a Denial of Service attack.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-06-09 08:43:47 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:1138 normal SHIPPED_LIVE Moderate: squid security update 2016-05-31 05:56:15 EDT
Red Hat Product Errata RHSA-2016:1139 normal SHIPPED_LIVE Moderate: squid security update 2016-05-31 05:42:41 EDT
Red Hat Product Errata RHSA-2016:1140 normal SHIPPED_LIVE Moderate: squid34 security update 2016-05-31 05:56:07 EDT

  None (edit)
Description Cedric Buissart 2016-05-10 10:18:33 EDT 
Due to incorrect reference counting Squid is vulnerable to a denial of service attack when processing ESI responses.

External references:

http://www.squid-cache.org/Advisories/SQUID-2016_9.txt

Upstream fixes:

Squid 3.5:

http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch

Squid 3.4:

http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch

NOTE: 
For the other related CVE, CVE-2016-4555, see Bug 1334246
Comment 1 Cedric Buissart 2016-05-10 10:19:03 EDT 
Created busybox tracking bugs for this issue:

Affects: fedora-all [bug 1334787]
Comment 4 errata-xmlrpc 2016-05-31 01:43:44 EDT 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2016:1139 https://access.redhat.com/errata/RHSA-2016:1139
Comment 5 errata-xmlrpc 2016-05-31 01:57:26 EDT 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2016:1140 https://access.redhat.com/errata/RHSA-2016:1140
Comment 6 errata-xmlrpc 2016-05-31 01:58:06 EDT 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2016:1138 https://access.redhat.com/errata/RHSA-2016:1138
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.