squid:4 security update

2024-01-0904:07:10

Rockylinux Product Errata

errata.rockylinux.org

squid

security update

ssl certificate validation

gopher protocol

buffer over-read

function return value

rocky linux 8

denial of service

cve

proxy caching server

ftp

http

cvss

vulnerability

7.1 High

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.6%

JSON

An update is available for module.libecap, module.squid, squid, libecap.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

Security Fix(es):

squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)
squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)
squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
rocky8aarch64libecap< 1.0.1-2.module+el8.9.0+1437+df5ea8f0libecap-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm
rocky8x86_64libecap< 1.0.1-2.module+el8.9.0+1437+df5ea8f0libecap-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm
rocky8aarch64libecap-debuginfo< 1.0.1-2.module+el8.9.0+1437+df5ea8f0libecap-debuginfo-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm
rocky8x86_64libecap-debuginfo< 1.0.1-2.module+el8.9.0+1437+df5ea8f0libecap-debuginfo-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm
rocky8aarch64libecap-debugsource< 1.0.1-2.module+el8.9.0+1437+df5ea8f0libecap-debugsource-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm
rocky8x86_64libecap-debugsource< 1.0.1-2.module+el8.9.0+1437+df5ea8f0libecap-debugsource-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm
rocky8aarch64libecap-devel< 1.0.1-2.module+el8.9.0+1437+df5ea8f0libecap-devel-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm
rocky8x86_64libecap-devel< 1.0.1-2.module+el8.9.0+1437+df5ea8f0libecap-devel-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm
rocky8aarch64squid< 4.15-7.module+el8.9.0+1568+6d4fd5d4.1squid-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.aarch64.rpm
rocky8x86_64squid< 4.15-7.module+el8.9.0+1568+6d4fd5d4.1squid-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	8	aarch64	libecap	< 1.0.1-2.module+el8.9.0+1437+df5ea8f0	libecap-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm
rocky	8	x86_64	libecap	< 1.0.1-2.module+el8.9.0+1437+df5ea8f0	libecap-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm
rocky	8	aarch64	libecap-debuginfo	< 1.0.1-2.module+el8.9.0+1437+df5ea8f0	libecap-debuginfo-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm
rocky	8	x86_64	libecap-debuginfo	< 1.0.1-2.module+el8.9.0+1437+df5ea8f0	libecap-debuginfo-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm
rocky	8	aarch64	libecap-debugsource	< 1.0.1-2.module+el8.9.0+1437+df5ea8f0	libecap-debugsource-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm
rocky	8	x86_64	libecap-debugsource	< 1.0.1-2.module+el8.9.0+1437+df5ea8f0	libecap-debugsource-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm
rocky	8	aarch64	libecap-devel	< 1.0.1-2.module+el8.9.0+1437+df5ea8f0	libecap-devel-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.aarch64.rpm
rocky	8	x86_64	libecap-devel	< 1.0.1-2.module+el8.9.0+1437+df5ea8f0	libecap-devel-0:1.0.1-2.module+el8.9.0+1437+df5ea8f0.x86_64.rpm
rocky	8	aarch64	squid	< 4.15-7.module+el8.9.0+1568+6d4fd5d4.1	squid-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.aarch64.rpm
rocky	8	x86_64	squid	< 4.15-7.module+el8.9.0+1568+6d4fd5d4.1	squid-7:4.15-7.module+el8.9.0+1568+6d4fd5d4.1.x86_64.rpm