Fedora 24 : php-guzzlehttp-guzzle6 (2016-4e7db3d437) (httpoxy)
Medium Nessus Plugin ID 92616
SynopsisThe remote Fedora host is missing a security update.
Description## 6.2.1 - 2016-07-18
- Address HTTP_PROXY security vulnerability, CVE-2016-5385: https://httpoxy.org/
- Fixing timeout bug with StreamHandler:
- Only read up to `Content-Length` in PHP StreamHandler to avoid timeouts when a server does not honor `Connection:
- Ignore URI fragment when sending requests.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected php-guzzlehttp-guzzle6 package.