CVE-2019-12519 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	A stack-based out-of-bounds write has been found in Squid before 4.11 or 5.0.2., where a crafted ESI response sent from an upstream server can overwrite arbitrary attacker controlled information onto the process stack.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1146	squid	4.10-2	4.12-1	Critical	Fixed

References
http://www.squid-cache.org/Advisories/SQUID-2019_12.txt http://www.squid-cache.org/Versions/v4/changesets/squid-4-fdd4123629320aa1ee4c3481bb392437c90d188d.patch