SUSE-SU-2024:2268-1

Опубликовано: 02 июл. 2024

Источник: suse-cvrf

Описание

Security update for squid

This update for squid fixes the following issues:

Update to version 6.10
CVE-2024-37894: Fixed a denial of Service issue in ESI processing (bsc#1227086)

Список пакетов

SUSE Linux Enterprise Module for Server Applications 15 SP6

squid-6.10-150600.3.6.1

openSUSE Leap 15.6

squid-6.10-150600.3.6.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20242268-1/
Link for SUSE-SU-2024:2268-1
https://lists.suse.com/pipermail/sle-security-updates/2024-July/018842.html
E-Mail link for SUSE-SU-2024:2268-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1227086
SUSE Bug 1227086
https://www.suse.com/security/cve/CVE-2024-37894/
SUSE CVE CVE-2024-37894 page

Описание

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack.

Затронутые продукты

SUSE Linux Enterprise Module for Server Applications 15 SP6:squid-6.10-150600.3.6.1

openSUSE Leap 15.6:squid-6.10-150600.3.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-37894.html
CVE-2024-37894
https://bugzilla.suse.com/1227086
SUSE Bug 1227086

SUSE-SU-2024:2268-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Server Applications 15 SP6

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2024-37894

Описание

Затронутые продукты

Ссылки