logo
DATABASE RESOURCES PRICING ABOUT US

(RHSA-2020:4082) Important: squid security update

Description

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix(es): * squid: HTTP Request Smuggling could result in cache poisoning (CVE-2020-15810) * squid: HTTP Request Splitting could result in cache poisoning (CVE-2020-15811) * squid: Information Disclosure issue in FTP Gateway (CVE-2019-12528) * squid: Improper input validation issues in HTTP Request processing (CVE-2020-8449) * squid: Buffer overflow in reverse-proxy configurations (CVE-2020-8450) * squid: Request smuggling and poisoning attack against the HTTP cache (CVE-2020-15049) * squid: Improper input validation could result in a DoS (CVE-2020-24606) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.


Affected Package


OS OS Version Package Name Package Version
RedHat 7 squid-migration-script 3.5.20-17.el7_9.4
RedHat 7 squid-sysvinit 3.5.20-17.el7_9.4
RedHat 7 squid-debuginfo 3.5.20-17.el7_9.4
RedHat 7 squid-debuginfo 3.5.20-17.el7_9.4
RedHat 7 squid-migration-script 3.5.20-17.el7_9.4
RedHat 7 squid-sysvinit 3.5.20-17.el7_9.4
RedHat 7 squid-migration-script 3.5.20-17.el7_9.4
RedHat 7 squid-sysvinit 3.5.20-17.el7_9.4
RedHat 7 squid-debuginfo 3.5.20-17.el7_9.4
RedHat 7 squid 3.5.20-17.el7_9.4
RedHat 7 squid 3.5.20-17.el7_9.4
RedHat 7 squid-sysvinit 3.5.20-17.el7_9.4
RedHat 7 squid 3.5.20-17.el7_9.4
RedHat 7 squid-migration-script 3.5.20-17.el7_9.4
RedHat 7 squid 3.5.20-17.el7_9.4
RedHat 7 squid-debuginfo 3.5.20-17.el7_9.4
RedHat 7 squid 3.5.20-17.el7_9.4

Related