Stay Connected:

ELSA-2024-0046

ELSA-2024-0046 - squid:4 security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2024-01-04

Description


libecap
squid
[7:4.15-7.5]
- Fix squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
- Fix squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)
- Fix squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285)
- Fix squid: Incorrect Check of Function Return Value In Helper Process management(CVE-2023-49286)

[7:4.15-7.3]
- Fix squid: DoS against HTTP and HTTPS (CVE-2023-5824)

[7:4.15-7.1]
- Resolves: RHEL-14801 - squid: squid: Denial of Service in HTTP Digest
Authentication
- Resolves: RHEL-14776 - squid: squid: Request/Response smuggling in HTTP/1.1
and ICAP


Related CVEs


CVE-2023-49286
CVE-2023-46728
CVE-2023-49285
CVE-2023-46724

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) libecap-1.0.1-2.module+el8.9.0+90083+f7556140.src.rpm10503f6e9c7ed585a0ff9c7705880042-ol8_aarch64_appstream
squid-4.15-7.module+el8.9.0+90111+615ac445.5.src.rpm527a0c319b5fb1f2cd7deaea79f5ebdf-ol8_aarch64_appstream
libecap-1.0.1-2.module+el8.9.0+90083+f7556140.aarch64.rpmebd1f1d1df32b8f329449eb5ec6a6f22-ol8_aarch64_appstream
libecap-devel-1.0.1-2.module+el8.9.0+90083+f7556140.aarch64.rpm7c1328d8a42c2ebc6c3b69944b6b45cd-ol8_aarch64_appstream
squid-4.15-7.module+el8.9.0+90111+615ac445.5.aarch64.rpmed4a3128480414fde82b33af325c50d0-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) libecap-1.0.1-2.module+el8.9.0+90083+f7556140.src.rpm10503f6e9c7ed585a0ff9c7705880042-ol8_x86_64_appstream
squid-4.15-7.module+el8.9.0+90111+615ac445.5.src.rpm527a0c319b5fb1f2cd7deaea79f5ebdf-ol8_x86_64_appstream
libecap-1.0.1-2.module+el8.9.0+90083+f7556140.x86_64.rpmdfbf6f71bba9bd3bbf002dffc0e0ccf6-ol8_x86_64_appstream
libecap-devel-1.0.1-2.module+el8.9.0+90083+f7556140.x86_64.rpm8abd01d10825f0701f5b3101520591c9-ol8_x86_64_appstream
squid-4.15-7.module+el8.9.0+90111+615ac445.5.x86_64.rpmce578e71e12530e4b03ba16971c6a09a-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights