Synopsis: Moderate: squid security update Advisory ID: SLSA-2016:1573-1 Issue Date: 2016-08-04 CVE Numbers: CVE-2016-5408 -- Security Fix(es): * It was found that the fix for CVE-2016-4051 released via SLSA-2016:1138 did not properly prevent the stack overflow in the munge_other_line() function. A remote attacker could send specially crafted data to the Squid proxy, which would exploit the cachemgr CGI utility, possibly triggering execution of arbitrary code. (CVE-2016-5408) -- SL6 x86_64 squid-3.1.23-16.el6_8.6.x86_64.rpm squid-debuginfo-3.1.23-16.el6_8.6.x86_64.rpm i386 squid-3.1.23-16.el6_8.6.i686.rpm squid-debuginfo-3.1.23-16.el6_8.6.i686.rpm - Scientific Linux Development Team