ELBA-2020-5045

ULN >
Oracle Linux Errata repository >
ELBA-2020-5045

ELBA-2020-5045 - squid bug fix and enhancement update

Type:	BUG
Impact:	NA
Release Date:	2020-11-12

Description

[7:3.5.20-17.5]
- Resolves: #1890581 - Fix for CVE 2019-13345 breaks authentication in
cachemgr.cgi

[7:3.5.20-17.4]
- Resolves: #1872349 - CVE-2020-24606 squid: Improper Input Validation could
result in a DoS
- Resolves: #1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could
result in cache poisoning
- Resolves: #1872342 - CVE-2020-15811 squid: HTTP Request Splitting could
result in cache poisoning

[7:3.5.20-17.2]
- Resolves: #1802516 - CVE-2020-8449 squid: Improper input validation issues
in HTTP Request processing
- Resolves: #1802515 - CVE-2020-8450 squid: Buffer overflow in a Squid acting
as reverse-proxy
- Resolves: #1853129 - CVE-2020-15049 squid: request smuggling and poisoning
attack against the HTTP cache
- Resolves: #1802517 - CVE-2019-12528 squid: Information Disclosure issue in
FTP Gateway

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	squid-3.5.20-17.el7_9.5.src.rpm	419cbc71b401a551f1bd61ca3aeb439748be14795fb866f911222c267bd031e3	ELSA-2022-22254	ol7_aarch64_latest
	squid-3.5.20-17.el7_9.5.src.rpm	419cbc71b401a551f1bd61ca3aeb439748be14795fb866f911222c267bd031e3	ELSA-2022-22254	ol7_aarch64_optional_latest
	squid-3.5.20-17.el7_9.5.src.rpm	419cbc71b401a551f1bd61ca3aeb439748be14795fb866f911222c267bd031e3	ELSA-2022-22254	ol7_aarch64_u9_patch
	squid-3.5.20-17.el7_9.5.aarch64.rpm	f14be87bcba1b030a924158dcf2af6c3796f2ac9da3533a10576f8a357b210a7	ELSA-2022-22254	ol7_aarch64_latest
	squid-3.5.20-17.el7_9.5.aarch64.rpm	f14be87bcba1b030a924158dcf2af6c3796f2ac9da3533a10576f8a357b210a7	ELSA-2022-22254	ol7_aarch64_u9_patch
	squid-migration-script-3.5.20-17.el7_9.5.aarch64.rpm	bcea722398471f0a52078694c665565aa0c56cca715ab9c533257089bb5bf4f5	ELSA-2024-11049	ol7_aarch64_latest
	squid-migration-script-3.5.20-17.el7_9.5.aarch64.rpm	bcea722398471f0a52078694c665565aa0c56cca715ab9c533257089bb5bf4f5	ELSA-2024-11049	ol7_aarch64_u9_patch
	squid-sysvinit-3.5.20-17.el7_9.5.aarch64.rpm	4992c23e3289f83bb3a7686a04b0f93291c031b6f6e1a5e5149e10db3f2047d0	ELSA-2024-11049	ol7_aarch64_optional_latest

Oracle Linux 7 (x86_64)	squid-3.5.20-17.el7_9.5.src.rpm	419cbc71b401a551f1bd61ca3aeb439748be14795fb866f911222c267bd031e3	ELSA-2022-22254	ol7_x86_64_latest
	squid-3.5.20-17.el7_9.5.src.rpm	419cbc71b401a551f1bd61ca3aeb439748be14795fb866f911222c267bd031e3	ELSA-2022-22254	ol7_x86_64_optional_latest
	squid-3.5.20-17.el7_9.5.src.rpm	419cbc71b401a551f1bd61ca3aeb439748be14795fb866f911222c267bd031e3	ELSA-2022-22254	ol7_x86_64_u9_patch
	squid-3.5.20-17.el7_9.5.x86_64.rpm	1ab1988bbd84669a25e5934fb62a845636369ae9f9d6fcb39609d33188176e1a	ELSA-2022-22254	ol7_x86_64_latest
	squid-3.5.20-17.el7_9.5.x86_64.rpm	1ab1988bbd84669a25e5934fb62a845636369ae9f9d6fcb39609d33188176e1a	ELSA-2022-22254	ol7_x86_64_u9_patch
	squid-migration-script-3.5.20-17.el7_9.5.x86_64.rpm	235059d52b1774b7464ebe23570a50796cf44ffde171c2a30034daac44092096	ELSA-2024-11049	ol7_x86_64_latest
	squid-migration-script-3.5.20-17.el7_9.5.x86_64.rpm	235059d52b1774b7464ebe23570a50796cf44ffde171c2a30034daac44092096	ELSA-2024-11049	ol7_x86_64_u9_patch
	squid-sysvinit-3.5.20-17.el7_9.5.x86_64.rpm	4565718ce003295d3e6248717b94ddce8da4cd594d82fdbf691e352399705598	ELSA-2024-11049	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691