ELSA-2020-2040

Опубликовано: 07 мая 2020

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2020-2040: squid security update (IMPORTANT)

[7:3.5.20-15.1]

Resolves: #1828359 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution
Resolves: #1828360 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow
Resolves: #1829772 - CVE-2019-12525 squid: parsing of header Proxy-Authentication leads to memory corruption

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

squid

3.5.20-15.el7_8.1

squid-migration-script

3.5.20-15.el7_8.1

squid-sysvinit

3.5.20-15.el7_8.1

Oracle Linux x86_64

squid

3.5.20-15.el7_8.1

squid-migration-script

3.5.20-15.el7_8.1

squid-sysvinit

3.5.20-15.el7_8.1

Связанные CVE

CVE-2019-12519

CVE-2019-12525

CVE-2020-11945

Ссылки на источники

Связанные уязвимости

RLSA-2020:2041

rocky

около 5 лет назад

Important: squid:4 security update

ELSA-2020-2041

oracle-oval

около 5 лет назад

ELSA-2020-2041: squid:4 security update (IMPORTANT)

SUSE-SU-2020:14460-1

suse-cvrf

почти 5 лет назад

Security update for squid3

SUSE-SU-2020:1227-1

suse-cvrf

около 5 лет назад

Security update for squid

openSUSE-SU-2020:0623-1

suse-cvrf

около 5 лет назад

Security update for squid