Lucene search

K
mageiaGentoo FoundationMGASA-2014-0192
HistoryApr 24, 2014 - 11:04 p.m.

Updated squid package fixes CVE-2014-0128

2014-04-2423:04:48
Gentoo Foundation
advisories.mageia.org
4

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.117 Low

EPSS

Percentile

95.2%

Updated squid packages fix security vulnerability: Due to incorrect state management, Squid before 3.3.12 is vulnerable to a denial of service attack when processing certain HTTPS requests if the SSL-Bump feature is enabled (CVE-2014-0128).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchsquid< 3.2.10-1.6squid-3.2.10-1.6.mga3

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.117 Low

EPSS

Percentile

95.2%

Related for MGASA-2014-0192