ELSA-2023-6805

ULN >
Oracle Linux Errata repository >
ELSA-2023-6805

ELSA-2023-6805 - squid security update

Type:	SECURITY
Impact:	CRITICAL
Release Date:	2023-11-08

Description

[7:3.5.20-17.0.1]
- Mutiple CVE fixes for squid [Orabug: 33146289]
- Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing (#778)
- Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing (#788)
- Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range requests (#790)
- Resolves: CVE-2021-33620 squid: Handle more partial responses (#791)

[7:3.5.20-17.9]
- Resolves: RHEL-14789 - squid: Denial of Service in HTTP Digest Authentication
(CVE-2023-46847)

Related CVEs

CVE-2023-46847

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	squid-3.5.20-17.0.1.el7_9.9.src.rpm	e37386b1040c8f5fc038f1bccf764b6ea7b36b824b906451fee99a03f8e0947a	ELSA-2022-22254	ol7_aarch64_latest
	squid-3.5.20-17.0.1.el7_9.9.src.rpm	e37386b1040c8f5fc038f1bccf764b6ea7b36b824b906451fee99a03f8e0947a	ELSA-2022-22254	ol7_aarch64_optional_latest
	squid-3.5.20-17.0.1.el7_9.9.src.rpm	e37386b1040c8f5fc038f1bccf764b6ea7b36b824b906451fee99a03f8e0947a	ELSA-2022-22254	ol7_aarch64_u9_patch
	squid-3.5.20-17.0.1.el7_9.9.aarch64.rpm	f7ed90ff9931f71cf06fce77372c22adb07118e809f6f33b22c79d9dabd93631	ELSA-2022-22254	ol7_aarch64_latest
	squid-3.5.20-17.0.1.el7_9.9.aarch64.rpm	f7ed90ff9931f71cf06fce77372c22adb07118e809f6f33b22c79d9dabd93631	ELSA-2022-22254	ol7_aarch64_u9_patch
	squid-migration-script-3.5.20-17.0.1.el7_9.9.aarch64.rpm	fad0919588befb67eb839fb1a856fccff1ecd89396f0938f69309e501b06edaa	ELSA-2024-11049	ol7_aarch64_latest
	squid-migration-script-3.5.20-17.0.1.el7_9.9.aarch64.rpm	fad0919588befb67eb839fb1a856fccff1ecd89396f0938f69309e501b06edaa	ELSA-2024-11049	ol7_aarch64_u9_patch
	squid-sysvinit-3.5.20-17.0.1.el7_9.9.aarch64.rpm	3da1539da208746b964fb99b4a1c7d2cf693ea8e048471c310e62a7fe23e9008	ELSA-2024-11049	ol7_aarch64_optional_latest

Oracle Linux 7 (x86_64)	squid-3.5.20-17.0.1.el7_9.9.src.rpm	e37386b1040c8f5fc038f1bccf764b6ea7b36b824b906451fee99a03f8e0947a	ELSA-2022-22254	ol7_x86_64_latest
	squid-3.5.20-17.0.1.el7_9.9.src.rpm	e37386b1040c8f5fc038f1bccf764b6ea7b36b824b906451fee99a03f8e0947a	ELSA-2022-22254	ol7_x86_64_optional_latest
	squid-3.5.20-17.0.1.el7_9.9.src.rpm	e37386b1040c8f5fc038f1bccf764b6ea7b36b824b906451fee99a03f8e0947a	ELSA-2022-22254	ol7_x86_64_u9_patch
	squid-3.5.20-17.0.1.el7_9.9.x86_64.rpm	f3267857b59224fb31e3e9ba3fe420570b61939cea1ae12cb705e1577ef4ab03	ELSA-2022-22254	ol7_x86_64_latest
	squid-3.5.20-17.0.1.el7_9.9.x86_64.rpm	f3267857b59224fb31e3e9ba3fe420570b61939cea1ae12cb705e1577ef4ab03	ELSA-2022-22254	ol7_x86_64_u9_patch
	squid-migration-script-3.5.20-17.0.1.el7_9.9.x86_64.rpm	06a77bdfa36ed05e46ed054825a3917de6bf0db8a43c958c1ae7365eada11c2d	ELSA-2024-11049	ol7_x86_64_latest
	squid-migration-script-3.5.20-17.0.1.el7_9.9.x86_64.rpm	06a77bdfa36ed05e46ed054825a3917de6bf0db8a43c958c1ae7365eada11c2d	ELSA-2024-11049	ol7_x86_64_u9_patch
	squid-sysvinit-3.5.20-17.0.1.el7_9.9.x86_64.rpm	2fb8cbbb47fd1d4f2ac24c3a460f4eb39097379c28eeadf3c4875fe6e20fff65	ELSA-2024-11049	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691