Scientific Linux Security Update : squid on SL7.x x86_64
Medium Nessus Plugin ID 96760
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)
SolutionUpdate the affected packages.