ELSA-2020-2040

ULN >
Oracle Linux Errata repository >
ELSA-2020-2040

ELSA-2020-2040 - squid security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-05-07

Description

[7:3.5.20-15.1]
- Resolves: #1828359 - CVE-2020-11945 squid: improper access restriction upon
Digest Authentication nonce replay could lead to remote code execution
- Resolves: #1828360 - CVE-2019-12519 squid: improper check for new member in
ESIExpression::Evaluate allows for stack buffer overflow
- Resolves: #1829772 - CVE-2019-12525 squid: parsing of header
Proxy-Authentication leads to memory corruption

Related CVEs

CVE-2019-12519

CVE-2019-12525

CVE-2020-11945

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	squid-3.5.20-15.el7_8.1.src.rpm	ecb86f40c518b3984c26cf6086a9dadf4d7d917db21ade9e26183c78ba68d5c7	ELSA-2022-22254	ol7_aarch64_latest
	squid-3.5.20-15.el7_8.1.src.rpm	ecb86f40c518b3984c26cf6086a9dadf4d7d917db21ade9e26183c78ba68d5c7	ELSA-2022-22254	ol7_aarch64_optional_latest
	squid-3.5.20-15.el7_8.1.src.rpm	ecb86f40c518b3984c26cf6086a9dadf4d7d917db21ade9e26183c78ba68d5c7	ELSA-2022-22254	ol7_aarch64_u9_base
	squid-3.5.20-15.el7_8.1.aarch64.rpm	7df0825ab18a4bc6ebaf32cb85b5a33bb94222b711135e7496660bd5510254dc	ELSA-2022-22254	ol7_aarch64_latest
	squid-3.5.20-15.el7_8.1.aarch64.rpm	7df0825ab18a4bc6ebaf32cb85b5a33bb94222b711135e7496660bd5510254dc	ELSA-2022-22254	ol7_aarch64_u9_base
	squid-migration-script-3.5.20-15.el7_8.1.aarch64.rpm	c500fa475b52370c1e06faafae6d3c37780bad8dfa433572a017e085dccb1920	ELSA-2024-11049	ol7_aarch64_latest
	squid-migration-script-3.5.20-15.el7_8.1.aarch64.rpm	c500fa475b52370c1e06faafae6d3c37780bad8dfa433572a017e085dccb1920	ELSA-2024-11049	ol7_aarch64_u9_base
	squid-sysvinit-3.5.20-15.el7_8.1.aarch64.rpm	485ad63c303ebd7bcab0cce18cad6f873aaaa7d3e58f2e8d2509ac3276059066	ELSA-2024-11049	ol7_aarch64_optional_latest

Oracle Linux 7 (x86_64)	squid-3.5.20-15.el7_8.1.src.rpm	ecb86f40c518b3984c26cf6086a9dadf4d7d917db21ade9e26183c78ba68d5c7	ELSA-2022-22254	ol7_x86_64_latest
	squid-3.5.20-15.el7_8.1.src.rpm	ecb86f40c518b3984c26cf6086a9dadf4d7d917db21ade9e26183c78ba68d5c7	ELSA-2022-22254	ol7_x86_64_optional_latest
	squid-3.5.20-15.el7_8.1.src.rpm	ecb86f40c518b3984c26cf6086a9dadf4d7d917db21ade9e26183c78ba68d5c7	ELSA-2022-22254	ol7_x86_64_u8_patch
	squid-3.5.20-15.el7_8.1.src.rpm	ecb86f40c518b3984c26cf6086a9dadf4d7d917db21ade9e26183c78ba68d5c7	ELSA-2022-22254	ol7_x86_64_u9_base
	squid-3.5.20-15.el7_8.1.x86_64.rpm	367b9ac5ed52a6a594cb0215b53ec217f0ccc81fc4e26d5349ab41991acc6769	ELSA-2022-22254	ol7_x86_64_latest
	squid-3.5.20-15.el7_8.1.x86_64.rpm	367b9ac5ed52a6a594cb0215b53ec217f0ccc81fc4e26d5349ab41991acc6769	ELSA-2022-22254	ol7_x86_64_u8_patch
	squid-3.5.20-15.el7_8.1.x86_64.rpm	367b9ac5ed52a6a594cb0215b53ec217f0ccc81fc4e26d5349ab41991acc6769	ELSA-2022-22254	ol7_x86_64_u9_base
	squid-migration-script-3.5.20-15.el7_8.1.x86_64.rpm	51a304f561586f8b1f620f9140a30e9ed4cb13fe813f8a467f8b07988c9778f6	ELSA-2024-11049	ol7_x86_64_latest
	squid-migration-script-3.5.20-15.el7_8.1.x86_64.rpm	51a304f561586f8b1f620f9140a30e9ed4cb13fe813f8a467f8b07988c9778f6	ELSA-2024-11049	ol7_x86_64_u8_patch
	squid-migration-script-3.5.20-15.el7_8.1.x86_64.rpm	51a304f561586f8b1f620f9140a30e9ed4cb13fe813f8a467f8b07988c9778f6	ELSA-2024-11049	ol7_x86_64_u9_base
	squid-sysvinit-3.5.20-15.el7_8.1.x86_64.rpm	504a3a2f9dff5d3c9f8f8577b569f2e1d3290c672c7eb4bafe42b42ec2a7e254	ELSA-2024-11049	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691