DEBIAN-CVE-2020-15811

An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the...

Fedora 18 : mediawiki-1.19.8-1.fc18 (2013-15994)

SECURITY: Sanitize ResourceLoader exception messages - SECURITY: Token-getting functions will fail when using jsonp callbacks. - SECURITY: Fix extension detection with 2 .'s - Allow a string other than '' as condition for DatabaseBase::delete - Purge upstream caches when deleting file assets. -...