Описание
ELSA-2023-16656: squid security update (IMPORTANT)
[7:4.15-3.0.3.1]
- Add libtool-ltdl to squid Requires: [Orabug: 34992040]
[ - 7:4.15-3.0.1.1]
- Obsolete squid-sysvinit [Jira: OLDIS-20090]
[7:4.15-3.1]
- Resolves: #2100782 - CVE-2021-46784 squid:4/squid: DoS when processing gopher server responses
[7:4.15-3]
- Resolves: #1941506 - CVE-2021-28116 squid:4/squid: out-of-bounds read in WCCP protocol data may lead to information disclosure
[7:4.15-2]
- Resolves: #2006121 - SQUID shortens FTP Link wrong that contains a semi-colon and as a result is not able to download zip file.CODE 404 TO CLIENT)
[7:4.15-1]
- new version 4.15
- Resolves: #1964384 - squid:4 rebase to 4.15
[7:4.11-5]
- Resolves: #1944261 - CVE-2020-25097 squid:4/squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling
[7:4.11-4]
- Resolves: #1890606 - Fix for CVE 2019-13345 breaks authentication in cachemgr.cgi
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
squid
4.15-3.0.1.el7.1
Oracle Linux x86_64
squid
4.15-3.0.3.el7_9.1
Связанные CVE
Связанные уязвимости
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due ...
