Описание
ELSA-2021-1135: squid security update (IMPORTANT)
[7:3.5.20-17.6]
- Resolves: #1944256 - CVE-2020-25097 squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
squid
3.5.20-17.el7_9.6
squid-migration-script
3.5.20-17.el7_9.6
squid-sysvinit
3.5.20-17.el7_9.6
Oracle Linux x86_64
squid
3.5.20-17.el7_9.6
squid-migration-script
3.5.20-17.el7_9.6
squid-sysvinit
3.5.20-17.el7_9.6
Связанные CVE
Связанные уязвимости
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. D ...
