Описание
Security update for squid
This update for squid fixes the following issues:
squid was updated to version 4.12
Security issue fixed:
- CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake (bsc#1173304).
Other issues addressed:
- Reverted to slow search for new SMP shm pages due to a regression
- Fixed an issue where negative responses were never cached
- Fixed stall if transaction was overwriting a recently active cache entry
Список пакетов
SUSE Linux Enterprise Server 12 SP5
squid-4.12-4.12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
squid-4.12-4.12.1
Ссылки
- Link for SUSE-SU-2020:1770-1
- E-Mail link for SUSE-SU-2020:1770-1
- SUSE Security Ratings
- SUSE Bug 1173304
- SUSE CVE CVE-2020-14059 page
Описание
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:squid-4.12-4.12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:squid-4.12-4.12.1
Ссылки
- CVE-2020-14059
- SUSE Bug 1173303
- SUSE Bug 1173304