openSUSE-SU-2020:0914-1

Опубликовано: 29 июн. 2020

Источник: suse-cvrf

Описание

Security update for squid

This update for squid fixes the following issues:

squid was updated to version 4.12

Security issue fixed:

CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake (bsc#1173304).

Other issues addressed:

Reverted to slow search for new SMP shm pages due to a regression
Fixed an issue where negative responses were never cached
Fixed stall if transaction was overwriting a recently active cache entry

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.2

squid-4.12-lp152.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M2HFP25KYVUFFO3JWN66D4EIMO4MFMIM/
E-Mail link for openSUSE-SU-2020:0914-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1173304
SUSE Bug 1173304
https://www.suse.com/security/cve/CVE-2020-14059/
SUSE CVE CVE-2020-14059 page

Описание

An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list.

Затронутые продукты

openSUSE Leap 15.2:squid-4.12-lp152.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-14059.html
CVE-2020-14059
https://bugzilla.suse.com/1173303
SUSE Bug 1173303
https://bugzilla.suse.com/1173304
SUSE Bug 1173304

openSUSE-SU-2020:0914-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2020-14059

Описание

Затронутые продукты

Ссылки