Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 645356 (CVE-2018-1000024, CVE-2018-1000027) - <net-proxy/squid-3.5.27-r1 multiple vulnerabilities
Summary: <net-proxy/squid-3.5.27-r1 multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2018-1000024, CVE-2018-1000027
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-01-22 13:26 UTC by Eray Aslan
Modified: 2018-06-19 17:30 UTC (History)
1 user (show)

See Also:
Package list:
net-proxy/squid-3.5.27-r1
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Eray Aslan gentoo-dev 2018-01-22 13:26:59 UTC
http://www.squid-cache.org/Advisories/SQUID-2018_1.txt
Problem Description:

Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses.

http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
Problem Description:

Due to incorrect pointer handling Squid is vulnerable to denial
of service attack when processing ESI responses or downloading
intermediate CA certificates.

No CVEs yet.
Comment 1 Larry the Git Cow gentoo-dev 2018-01-22 13:31:17 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ac4ddfc6691dbb79e70ec1e51feb5f6c4139a046

commit ac4ddfc6691dbb79e70ec1e51feb5f6c4139a046
Author:     Eray Aslan <eras@gentoo.org>
AuthorDate: 2018-01-22 13:29:11 +0000
Commit:     Eray Aslan <eras@gentoo.org>
CommitDate: 2018-01-22 13:29:11 +0000

    net-proxy/squid: security bump
    
    Bug: https://bugs.gentoo.org/645356
    Package-Manager: Portage-2.3.20, Repoman-2.3.6

 net-proxy/squid/squid-3.5.27-r1.ebuild | 251 +++++++++++++++++++++++++++++++++
 1 file changed, 251 insertions(+)}
Comment 2 Eray Aslan gentoo-dev 2018-01-22 13:37:44 UTC
Arches, please test and mark stable
net-proxy/squid-3.5.27-r1

Target Keywords="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~sparc x86 ~x86-fbsd"
Comment 3 Agostino Sarubbo gentoo-dev 2018-01-23 16:42:43 UTC
amd64 stable
Comment 4 Thomas Deutschmann gentoo-dev 2018-01-26 18:22:19 UTC
x86 stable
Comment 5 Markus Meier gentoo-dev 2018-02-05 21:25:59 UTC
arm stable
Comment 6 Sergei Trofimovich (RETIRED) gentoo-dev 2018-02-05 22:34:33 UTC
ia64 stable
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2018-02-06 07:57:59 UTC
hppa stable
Comment 8 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2018-02-12 16:50:01 UTC
@Eray, have you checked if squid is affected by CVE-2018-1000027? Here the description:

The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.

Thanks
Comment 9 Eray Aslan gentoo-dev 2018-02-13 06:13:35 UTC
(In reply to Christopher Díaz Riveros from comment #8)
> @Eray, have you checked if squid is affected by CVE-2018-1000027?

We have 2 patches in net-proxy/squid-3.5.27-r1:  squid-2018-1.patch (which is CVE-2018-1000024) and squid-2018-2.patch (CVE-2018-1000027)

So yes, we are good re CVE-2018-1000027
Comment 10 Tobias Klausmann (RETIRED) gentoo-dev 2018-03-04 16:25:31 UTC
Stable on alpha.
Comment 11 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-30 12:04:22 UTC
ppc stable
Comment 12 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-30 17:32:44 UTC
ppc64 stable
Comment 13 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-06-11 15:36:39 UTC
@maintainer, please drop vulnerable
Comment 14 Larry the Git Cow gentoo-dev 2018-06-19 16:14:51 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=290a73f764181cae77a63af83569c4d9023cbea4

commit 290a73f764181cae77a63af83569c4d9023cbea4
Author:     Eray Aslan <eras@gentoo.org>
AuthorDate: 2018-06-19 16:14:22 +0000
Commit:     Eray Aslan <eras@gentoo.org>
CommitDate: 2018-06-19 16:14:44 +0000

    net-proxy/squid: remove vulnerable
    
    Bug: https://bugs.gentoo.org/645356
    Package-Manager: Portage-2.3.40, Repoman-2.3.9

 net-proxy/squid/Manifest            |   1 -
 net-proxy/squid/squid-3.5.26.ebuild | 241 ----------------------------------
 net-proxy/squid/squid-3.5.27.ebuild | 249 ------------------------------------
 3 files changed, 491 deletions(-)