Fedora alert FEDORA-2016-f8a01aa629 (squidGuard)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 23 Update: squidGuard-1.4-26.fc23 | |
| Date: | Thu, 30 Jun 2016 19:55:20 +0000 (UTC) | |
| Message-ID: | <20160630195520.9EFA96089B2B@bastion01.phx2.fedoraproject.org> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-f8a01aa629 2016-06-30 14:54:20.833449 -------------------------------------------------------------------------------- Name : squidGuard Product : Fedora 23 Version : 1.4 Release : 26.fc23 URL : http://www.squidguard.org/ Summary : Filter, redirector and access controller plugin for squid Description : squidGuard can be used to - limit the web access for some users to a list of accepted/well known web servers and/or URLs only. - block access to some listed or blacklisted web servers and/or URLs for some users. - block access to URLs matching a list of regular expressions or words for some users. - enforce the use of domainnames/prohibit the use of IP address in URLs. - redirect blocked URLs to an "intelligent" CGI based info page. - redirect unregistered user to a registration form. - redirect popular downloads like Netscape, MSIE etc. to local copies. - redirect banners to an empty GIF. - have different access rules based on time of day, day of the week, date etc. - have different rules for different user groups. - and much more.. Neither squidGuard nor Squid can be used to - filter/censor/edit text inside documents - filter/censor/edit embeded scripting languages like JavaScript or VBscript inside HTML -------------------------------------------------------------------------------- Update Information: Unit file fix. ---- http://www.squidguard.org/Downloads/Patches/1.4/Readme.Pa... -------------------------------------------------------------------------------- References: [ 1 ] Bug #1177012 - ExecStop syntax error in squidGuard.service https://bugzilla.redhat.com/show_bug.cgi?id=1177012 [ 2 ] Bug #1323211 - "squidGuard" doesn't guard - no errormessages when failing https://bugzilla.redhat.com/show_bug.cgi?id=1323211 [ 3 ] Bug #1348459 - CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1348459 [ 4 ] Bug #1253636 - error: squidGuard:7 error verifying olddir path /var/log/squidGuard/old: No such file or directory https://bugzilla.redhat.com/show_bug.cgi?id=1253636 [ 5 ] Bug #1253633 - /var/log/squidGuard permissions https://bugzilla.redhat.com/show_bug.cgi?id=1253633 [ 6 ] Bug #1348458 - CVE-2015-8936 squidGuard: Reflected cross site scripting vulnerability in squidGuard.cgi [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1348458 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update squidGuard' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/package-annou...