You are here
Home > Preporuke > Ranjivost programskog paketa squidGuard

Ranjivost programskog paketa squidGuard

——————————————————————————–
Fedora Update Notification
FEDORA-2016-8b19472a3c
2016-06-30 19:57:05.714183
——————————————————————————–

Name : squidGuard
Product : Fedora 24
Version : 1.4
Release : 26.fc24
URL : http://www.squidguard.org/
Summary : Filter, redirector and access controller plugin for squid
Description :
squidGuard can be used to
– limit the web access for some users to a list of accepted/well known
web servers and/or URLs only.
– block access to some listed or blacklisted web servers and/or URLs
for some users.
– block access to URLs matching a list of regular expressions or words
for some users.
– enforce the use of domainnames/prohibit the use of IP address in
URLs.
– redirect blocked URLs to an “intelligent” CGI based info page.
– redirect unregistered user to a registration form.
– redirect popular downloads like Netscape, MSIE etc. to local copies.
– redirect banners to an empty GIF.
– have different access rules based on time of day, day of the week,
date etc.
– have different rules for different user groups.
– and much more..

Neither squidGuard nor Squid can be used to
– filter/censor/edit text inside documents
– filter/censor/edit embeded scripting languages like JavaScript or
VBscript inside HTML

——————————————————————————–
Update Information:

Unit file fix. —-
http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20150201
——————————————————————————–
References:

[ 1 ] Bug #1177012 – ExecStop syntax error in squidGuard.service
https://bugzilla.redhat.com/show_bug.cgi?id=1177012
[ 2 ] Bug #1323211 – “squidGuard” doesn’t guard – no errormessages when failing
https://bugzilla.redhat.com/show_bug.cgi?id=1323211
[ 3 ] Bug #1348459 – CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1348459
[ 4 ] Bug #1253636 – error: squidGuard:7 error verifying olddir path /var/log/squidGuard/old: No such file or directory
https://bugzilla.redhat.com/show_bug.cgi?id=1253636
[ 5 ] Bug #1253633 – /var/log/squidGuard permissions
https://bugzilla.redhat.com/show_bug.cgi?id=1253633
[ 6 ] Bug #1348458 – CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1348458
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update squidGuard’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2016-f8a01aa629
2016-06-30 14:54:20.833449
——————————————————————————–

Name : squidGuard
Product : Fedora 23
Version : 1.4
Release : 26.fc23
URL : http://www.squidguard.org/
Summary : Filter, redirector and access controller plugin for squid
Description :
squidGuard can be used to
– limit the web access for some users to a list of accepted/well known
web servers and/or URLs only.
– block access to some listed or blacklisted web servers and/or URLs
for some users.
– block access to URLs matching a list of regular expressions or words
for some users.
– enforce the use of domainnames/prohibit the use of IP address in
URLs.
– redirect blocked URLs to an “intelligent” CGI based info page.
– redirect unregistered user to a registration form.
– redirect popular downloads like Netscape, MSIE etc. to local copies.
– redirect banners to an empty GIF.
– have different access rules based on time of day, day of the week,
date etc.
– have different rules for different user groups.
– and much more..

Neither squidGuard nor Squid can be used to
– filter/censor/edit text inside documents
– filter/censor/edit embeded scripting languages like JavaScript or
VBscript inside HTML

——————————————————————————–
Update Information:

Unit file fix. —-
http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20150201
——————————————————————————–
References:

[ 1 ] Bug #1177012 – ExecStop syntax error in squidGuard.service
https://bugzilla.redhat.com/show_bug.cgi?id=1177012
[ 2 ] Bug #1323211 – “squidGuard” doesn’t guard – no errormessages when failing
https://bugzilla.redhat.com/show_bug.cgi?id=1323211
[ 3 ] Bug #1348459 – CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1348459
[ 4 ] Bug #1253636 – error: squidGuard:7 error verifying olddir path /var/log/squidGuard/old: No such file or directory
https://bugzilla.redhat.com/show_bug.cgi?id=1253636
[ 5 ] Bug #1253633 – /var/log/squidGuard permissions
https://bugzilla.redhat.com/show_bug.cgi?id=1253633
[ 6 ] Bug #1348458 – CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1348458
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update squidGuard’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2016-fbb5a65729
2016-06-30 09:52:35.134832
——————————————————————————–

Name : squidGuard
Product : Fedora 22
Version : 1.4
Release : 26.fc22
URL : http://www.squidguard.org/
Summary : Filter, redirector and access controller plugin for squid
Description :
squidGuard can be used to
– limit the web access for some users to a list of accepted/well known
web servers and/or URLs only.
– block access to some listed or blacklisted web servers and/or URLs
for some users.
– block access to URLs matching a list of regular expressions or words
for some users.
– enforce the use of domainnames/prohibit the use of IP address in
URLs.
– redirect blocked URLs to an “intelligent” CGI based info page.
– redirect unregistered user to a registration form.
– redirect popular downloads like Netscape, MSIE etc. to local copies.
– redirect banners to an empty GIF.
– have different access rules based on time of day, day of the week,
date etc.
– have different rules for different user groups.
– and much more..

Neither squidGuard nor Squid can be used to
– filter/censor/edit text inside documents
– filter/censor/edit embeded scripting languages like JavaScript or
VBscript inside HTML

——————————————————————————–
Update Information:

Unit file fix. —-
http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20150201
——————————————————————————–
References:

[ 1 ] Bug #1177012 – ExecStop syntax error in squidGuard.service
https://bugzilla.redhat.com/show_bug.cgi?id=1177012
[ 2 ] Bug #1323211 – “squidGuard” doesn’t guard – no errormessages when failing
https://bugzilla.redhat.com/show_bug.cgi?id=1323211
[ 3 ] Bug #1348459 – CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1348459
[ 4 ] Bug #1253636 – error: squidGuard:7 error verifying olddir path /var/log/squidGuard/old: No such file or directory
https://bugzilla.redhat.com/show_bug.cgi?id=1253636
[ 5 ] Bug #1253633 – /var/log/squidGuard permissions
https://bugzilla.redhat.com/show_bug.cgi?id=1253633
[ 6 ] Bug #1348458 – CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1348458
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update squidGuard’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa libreoffice

Otkriven je sigurnosni nedostatak u programskom paketu libreoffice. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje napada uskraćivanjem usluge i pokretanje drugih...

Close