Описание
ELSA-2021-1979: squid:4 security update (IMPORTANT)
squid [7:4.11-4.2]
- Resolves: #1944260 - CVE-2020-25097 squid:4/squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module squid:4 is enabled
libecap
1.0.1-2.module+el8.3.0+7819+eb7d4ef6
libecap-devel
1.0.1-2.module+el8.3.0+7819+eb7d4ef6
squid
4.11-4.module+el8.4.0+20173+36853f3f.2
Oracle Linux x86_64
Module squid:4 is enabled
libecap
1.0.1-2.module+el8.3.0+7819+eb7d4ef6
libecap-devel
1.0.1-2.module+el8.3.0+7819+eb7d4ef6
squid
4.11-4.module+el8.4.0+20173+36853f3f.2
Связанные CVE
Связанные уязвимости
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. D ...
