SUSE-SU-2024:2270-1

Опубликовано: 02 июл. 2024

Источник: suse-cvrf

Описание

Security update for squid

This update for squid fixes the following issues:

CVE-2024-37894: Fixed a denial of Service issue in ESI processing (bsc#1227086)

Список пакетов

SUSE Linux Enterprise Server 12 SP5

squid-4.17-4.50.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

squid-4.17-4.50.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20242270-1/
Link for SUSE-SU-2024:2270-1
https://lists.suse.com/pipermail/sle-security-updates/2024-July/018840.html
E-Mail link for SUSE-SU-2024:2270-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1227086
SUSE Bug 1227086
https://www.suse.com/security/cve/CVE-2024-37894/
SUSE CVE CVE-2024-37894 page

Описание

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack.

Затронутые продукты

SUSE Linux Enterprise Server 12 SP5:squid-4.17-4.50.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5:squid-4.17-4.50.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-37894.html
CVE-2024-37894
https://bugzilla.suse.com/1227086
SUSE Bug 1227086

SUSE-SU-2024:2270-1

Описание

Список пакетов

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP5

Ссылки

Уязвимость: CVE-2024-37894

Описание

Затронутые продукты

Ссылки