Lucene search

K
oraclelinuxOracleLinuxELSA-2020-1068
HistoryApr 06, 2020 - 12:00 a.m.

squid security and bug fix update

2020-04-0600:00:00
linux.oracle.com
15

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

[7:3.5.20-15]

  • Resolves: #1690551 - Squid cache_peer DNS lookup failed when not all lower
    case
  • Resolves: #1680022 - squid cant display download/upload packet size for HTTPS
    sites
  • Resolves: #1717430 - Excessive memory usage when running out of descriptors
  • Resolves: #1676420 - Cache siblings return wrongly cached gateway timeouts
  • Resolves: #1729435 - CVE-2019-13345 squid: XSS via user_name or auth parameter
    in cachemgr.cgi
  • Resolves: #1582301 - CVE-2018-1000024 CVE-2018-1000027 squid: various flaws
    [7:3.5.20-13]
  • Resolves: #1620546 - migration of upstream squid

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P