Synopsis: Moderate: squid34 security update Advisory ID: SLSA-2017:0183-1 Issue Date: 2017-01-24 CVE Numbers: CVE-2016-10002 -- Security Fix(es): * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002) -- SL6 x86_64 squid34-3.4.14-9.el6_8.4.x86_64.rpm squid34-debuginfo-3.4.14-9.el6_8.4.x86_64.rpm i386 squid34-3.4.14-9.el6_8.4.i686.rpm squid34-debuginfo-3.4.14-9.el6_8.4.i686.rpm - Scientific Linux Development Team