logo
DATABASE RESOURCES PRICING ABOUT US

squid security update

Description

[7:3.5.20-17.4] - Resolves: #1872349 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS - Resolves: #1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning - Resolves: #1872342 - CVE-2020-15811 squid: HTTP Request Splitting could result in cache poisoning [7:3.5.20-17.2] - Resolves: #1802516 - CVE-2020-8449 squid: Improper input validation issues in HTTP Request processing - Resolves: #1802515 - CVE-2020-8450 squid: Buffer overflow in a Squid acting as reverse-proxy - Resolves: #1853129 - CVE-2020-15049 squid: request smuggling and poisoning attack against the HTTP cache - Resolves: #1802517 - CVE-2019-12528 squid: Information Disclosure issue in FTP Gateway [7:3.5.20-17] - Resolves: #1828361 - CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution - Resolves: #1828362 - CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow [rhel [7:3.5.20-16] - Resolves: #1738582 - CVE-2019-12525 squid: parsing of header Proxy-Authentication leads to memory corruption


Affected Package


OS OS Version Package Name Package Version
oracle linux 7 squid 3.5.20-17.el7_9.4
oracle linux 7 squid 3.5.20-17.el7_9.4
oracle linux 7 squid-migration-script 3.5.20-17.el7_9.4
oracle linux 7 squid-sysvinit 3.5.20-17.el7_9.4
oracle linux 7 squid 3.5.20-17.el7_9.4
oracle linux 7 squid 3.5.20-17.el7_9.4
oracle linux 7 squid-migration-script 3.5.20-17.el7_9.4
oracle linux 7 squid-sysvinit 3.5.20-17.el7_9.4

Related