Описание
ELSA-2020-3623: squid:4 security update (IMPORTANT)
libecap squid [7:4.4-8.2]
- Resolves: #1872345 - CVE-2020-15811 squid:4/squid: HTTP Request Splitting could result in cache poisoning
- Resolves: #1872330 - CVE-2020-15810 squid:4/squid: HTTP Request Smuggling could result in cache poisoning
[7:4.4-8.1]
- Resolves: #1828368 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow
- Resolves: #1828367 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution
- Resolves: #1829402 - CVE-2019-12525 squid:4/squid: parsing of header Proxy-Authentication leads to memory corruption
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module squid:4 is enabled
libecap
1.0.1-2.module+el8.1.0+5405+03b963f4
libecap-devel
1.0.1-2.module+el8.1.0+5405+03b963f4
squid
4.4-8.module+el8.2.0+7778+aff7482f.2
Oracle Linux x86_64
Module squid:4 is enabled
libecap
1.0.1-2.module+el8.1.0+5405+03b963f4
libecap-devel
1.0.1-2.module+el8.1.0+5405+03b963f4
squid
4.4-8.module+el8.2.0+7778+aff7482f.2
