logo
DATABASE RESOURCES PRICING ABOUT US

squid3 - security update

Description

It was discovered that there were multiple cross-site scripting (XSS) vulnerabilities in the squid3 caching proxy server * [CVE-2019-13345](https://security-tracker.debian.org/tracker/CVE-2019-13345) The cachemgr.cgi web module of Squid through 4.7 has XSS via the user\_name or auth parameter. For Debian 8 Jessie, these problems have been fixed in version 3.4.8-6+deb8u7. We recommend that you upgrade your squid3 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: <https://wiki.debian.org/LTS>


Affected Software


CPE Name Name Version
squid3 3.4.8-6+deb8u2
squid3 3.4.8-6+deb8u2~bpo70+1
squid3 3.4.8-6+deb8u5
squid3 3.4.8-6+deb8u6
squid3 3.4.8-6+deb8u1
squid3 3.4.8-6+deb8u4
squid3 3.4.8-6
squid3 3.4.8-6+deb8u3

Related