diff options
author | Thiruvadi Rajaraman <trajaraman@mvista.com> | 2017-06-05 15:01:26 +0530 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2017-11-16 15:32:42 -0800 |
commit | d3eef0b4716dac147f5f4d1bcdfc49021f698790 (patch) | |
tree | c186519072c497d65a272ca32452268d8d0214bd /meta-systemd/README | |
parent | 6d03884d6260f25e5359645ca589ae2e403991ff (diff) | |
download | meta-openembedded-contrib-d3eef0b4716dac147f5f4d1bcdfc49021f698790.tar.gz |
squid: CVE-2016-10002 fix
Source: https://github.com/squid-cache/
MR: 70135
Type: Security Fix
Disposition: Backport from squid-3.5.23
ChangeID: 2e0f83ac2c4c773dec769f388132cb888e0564d9
Description:
squid: Information disclosure in HTTP request processing
Due to incorrect HTTP conditional request handling Squid can deliver
responses containing private data to clients it should not have reached.
This problem allows a remote attacker to discover private and sensitive
information about another clients browsing session. Potentially including
credentials which allow access to further sensitive resources.
author: Garri Djavadyan <garryd@comnet.uz>
committer: Amos Jeffries <squid3@treenet.co.nz>
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-systemd/README')
0 files changed, 0 insertions, 0 deletions