Описание
ELSA-2021-4292: squid:4 security, bug fix, and enhancement update (MODERATE)
libecap squid [7:4.15-1]
- new version 4.15
- Resolves: #1964384 - squid:4 rebase to 4.15
[7:4.11-5]
- Resolves: #1944261 - CVE-2020-25097 squid:4/squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module squid:4 is enabled
libecap
1.0.1-2.module+el8.3.0+7819+eb7d4ef6
libecap-devel
1.0.1-2.module+el8.3.0+7819+eb7d4ef6
squid
4.15-1.module+el8.5.0+20327+24c223d9
Oracle Linux x86_64
Module squid:4 is enabled
libecap
1.0.1-2.module+el8.3.0+7819+eb7d4ef6
libecap-devel
1.0.1-2.module+el8.3.0+7819+eb7d4ef6
squid
4.15-1.module+el8.5.0+20327+24c223d9
Ссылки на источники
Связанные уязвимости
Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.