Lucene search

K
oraclelinuxOracleLinuxELSA-2023-16656
HistoryFeb 15, 2023 - 12:00 a.m.

squid security update

2023-02-1500:00:00
linux.oracle.com
50

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.02 Low

EPSS

Percentile

88.8%

[7:4.15-3.0.3.1]

  • Add libtool-ltdl to squid Requires: [Orabug: 34992040]
    [ - 7:4.15-3.0.1.1]
  • Obsolete squid-sysvinit [Jira: OLDIS-20090]
    [7:4.15-3.1]
  • Resolves: #2100782 - CVE-2021-46784 squid:4/squid: DoS when processing gopher
    server responses
    [7:4.15-3]
  • Resolves: #1941506 - CVE-2021-28116 squid:4/squid: out-of-bounds read in WCCP
    protocol data may lead to information disclosure
    [7:4.15-2]
  • Resolves: #2006121 - SQUID shortens FTP Link wrong that contains a semi-colon
    and as a result is not able to download zip file.CODE 404 TO CLIENT)
    [7:4.15-1]
  • new version 4.15
  • Resolves: #1964384 - squid:4 rebase to 4.15
    [7:4.11-5]
  • Resolves: #1944261 - CVE-2020-25097 squid:4/squid: improper input validation
    may allow a trusted client to perform HTTP Request Smuggling
    [7:4.11-4]
  • Resolves: #1890606 - Fix for CVE 2019-13345 breaks authentication in
    cachemgr.cgi

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.02 Low

EPSS

Percentile

88.8%