Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 603052 (CVE-2016-10002, CVE-2016-10003) - <net-proxy/squid-3.5.23: Information disclosure (CVE-2016-{10002,10003})
Summary: <net-proxy/squid-3.5.23: Information disclosure (CVE-2016-{10002,10003})
Status: RESOLVED FIXED
Alias: CVE-2016-10002, CVE-2016-10003
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B4 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2016-12-19 05:45 UTC by Tomáš Mózes
Modified: 2017-01-31 09:45 UTC (History)
1 user (show)

See Also:
Package list:
=net-proxy/squid-3.5.23
Runtime testing required: ---
kensington: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tomáš Mózes 2016-12-19 05:45:33 UTC
http://www.squid-cache.org/Advisories/SQUID-2016_10.txt
http://www.squid-cache.org/Advisories/SQUID-2016_11.txt

Fixed in version:   Squid 4.0.17, 3.5.23
Comment 1 Tomáš Mózes 2016-12-20 14:25:24 UTC
Ebuild for 3.5.22 seems to work fine. Installed on 3 machines with 3TB of data transferred so far.
Comment 2 Eray Aslan gentoo-dev 2016-12-22 12:21:11 UTC
Arches please test and mark stable
=net-proxy/squid-3.5.23

Target Keywords = alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd
Comment 3 Agostino Sarubbo gentoo-dev 2016-12-24 09:48:07 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2016-12-24 10:19:20 UTC
x86 stable
Comment 5 Agostino Sarubbo gentoo-dev 2016-12-24 10:29:49 UTC
arm stable
Comment 6 Agostino Sarubbo gentoo-dev 2016-12-25 10:11:34 UTC
sparc stable
Comment 7 Agostino Sarubbo gentoo-dev 2016-12-25 10:15:46 UTC
ia64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2016-12-25 10:24:57 UTC
ppc stable
Comment 9 Agostino Sarubbo gentoo-dev 2016-12-27 09:07:17 UTC
ppc64 stable
Comment 10 Tobias Klausmann gentoo-dev 2017-01-05 12:36:45 UTC
Stable on alpha.
Comment 11 Jeroen Roovers (RETIRED) gentoo-dev 2017-01-14 12:54:39 UTC
Stable for HPPA.
Comment 12 Thomas Deutschmann gentoo-dev Security 2017-01-30 01:58:02 UTC
GLSA Vote: No


@ Maintainer(s): Please cleanup and drop <net-proxy/squid-3.5.23!
Comment 13 Eray Aslan gentoo-dev 2017-01-31 07:56:25 UTC
Cleanup done.